
Cloud Computing
CSRS-Corp understands, cloud computing is not a single capability, but a collection of essential characteristics that are manifested through various types of technology deployment and service models. A wide range of technologies fall under the title “cloud computing,” and the complexity of their various implementations may result in confusion among program managers. Our services will allow your organization to successfully achieve the different service models of cloud computing to include Software as a Service, Platform as a Service, and Infrastructure as a Service (SaaS, PaaS, and IaaS).
Our services will provide your organization with the guidance necessary to ensure an organizational decision to embrace cloud computing technology is a risk-based decision, not a technology based decision. As such, this decision from a risk management perspective requires inputs from all stakeholders. Once the business decision has been made to move towards a cloud computing environment, we will assist your organization determine the appropriate manner for their security assessments and authorizations.
Our services will provide your organization the opportunity to transform its IT portfolio by giving agencies the ability to purchase a broad range of IT services in a utility based model. Our cloud computing experts will allow your organization to refocus their efforts on IT operations and only pay for IT services consumed instead of buying IT with a focus on capital expenditures and overhead. Procuring IT in a cloud computing model can help the Federal Government to increase operational efficiencies, resource utilization, and innovation across the IT portfolio, delivering a higher return on investments to your organization.
By addressing the unique elements below and including all necessary stakeholders when creating cloud computing contracts, CSRS-Corp will assist your organization to more effectively procure and manage IT as a service:
-
Cloud Service Providers (CSP) and End-User Agreements: Terms of Service and all CSP/customer required agreements need to be integrated fully in to cloud contracts
-
Service Level Agreements (SLAs): SLAs need to define performance with clear terms and definitions, demonstrate how performance is being measured, and what enforcement mechanisms are in place to ensure SLAs are met
-
CSP, Agency, and Integrator Roles and Responsibilities: Careful delineation between the responsibilities and relationships among the Federal agency, integrators, and the CSP are needed in order to effectively manage cloud services
-
Security: Agencies must clearly detail the requirements for CSPs to maintain the security and integrity of data existing in a cloud environment
-
Privacy: If cloud services will host privacy data, agencies must adequately identify potential privacy risks and responsibilities and address these needs in the contract
-
E-Discovery: Federal agencies must ensure that all data stored in a CSP environment is available for legal discovery by allowing all data to be located, preserved, collected, processed, reviewed, and produced; and
-
E-Records and Freedom of Information Act (FOIA): Agencies must ensure CSP’s understand and assist Federal agencies in compliance with the Federal Records Act (FRA) and FOIA and obligations under these laws