Project 1: Prepare the Cloud Adoption Policy Document
Start Here

Print Project

You recently proposed that your organization, BallotOnline, should begin migrating its systems to a public cloud provider. After getting buy-in from executive management, you worked with the procurement department to write a request for proposal (RFP) and select a vendor to migrate BallotOnline’s company website.

Your supervisor, Sophia, the vice president of Information Technology (IT), has told you that BallotOnline’s executive board has given you approval to begin the work on the cloud adoption strategy for the organization and align the cloud adoption strategy with existing applications and IT infrastructure. You will now prepare the Cloud Adoption Policy Addendum Document for the use of the cloud infrastructure.

As the principal cloud architect for BallotOnline, you are grateful that your previous work has been validated by the executive board, and you’re eager to show Sophia and the board members a comprehensive cloud strategy for the organization.

In thinking about the steps needed to put together the organization’s cloud strategy, you realize that for the transition to take place, it is important to work with the existing IT teams as well as the application and line-of-business owners to help develop a cohesive and streamlined use of cloud infrastructure policy guidelines.

If the transition is set up the right way, you and your transition team will be able to assess a number of important components, including how your organization consumes IT resources on-premise as well as in the cloud, specifically the alignment of service-level agreements (SLAs), information security, data compliance, data/application ownership, impact analysis for workloads in the cloud versus on-premises, exit strategy, and alignment with business objectives. You are beginning to see that putting forth a successful strategy will involve working with both internal and external stakeholders.

All of those components will be included within a Cloud Adoption Policy Addendum document. The executive board will evaluate your Cloud Adoption Policy Addendum for the use of the cloud infrastructure based on the degree to which you are able to apply industry best practices and standards in the cloud adoption strategy to meet the business needs of BallotOnline in migrating the selected system(s) and deploying new applications to the cloud platform.

Project 1: Prepare the Cloud Adoption Policy Document
Step 1: Review Existing IT Policies and SLAs

In this step, you will learn about different IT policy components, how the IT policies align with the business objectives, and you will also learn the important considerations for alignment of cloud adoption strategy with the IT policies.

Your supervisor, Sophia, has recommended that you review BallotOnline’s existing IT policy. When reviewing existing IT policies, it is important to understand both the technical information as well as the business impact of any proposed policy changes or updates. There are a number of factors to consider, including recovery time objectives (RTO), recovery point objectives (RPO), cost of change, and time-to-market.

Upon reviewing BallotOnline’s existing IT policy identify SLA Related Gaps.

Step 2: Analyze Growth Trends and Forecast Future Requirements

You have gained an understanding of BallotOnline’s current IT issues and policies and potential SLA-related gaps in the existing IT policy. Now, you will consider the future or expected growth of BallotOnline’s IT systems.

In growth projection analysis, historical data is combined with research on market and industry trends to predict growth and forecast future requirements. To get you started, Sophia has emailed you the BallotOnline infrastructure over the last five years.

In your forecast, Sophia has recommended that you incorporate an additional 10 percent year-over-year growth for the new projects.

Write a one-page report and submit it for feedback after reading the instructions below. This will later become part of the final Cloud Adoption Policy Addendum.

Step 3: Develop Preliminary List of Applications and Workloads with Acceptable SLAs

Now, you will combine the growth projection analysis from the initial steps with an analysis of potential applications and workloads to create a list of cloud ready items. You will propose a list of applications and workloads for migration to educate the application and lines-of-business (LOB) owners affected by the cloud deployment and obtain their buy-in for the endeavor prior to implementation. You will also draft an updated service-level agreement (SLA) for these applications/workloads.

Review

For a review of implementation information for the various service models:

• Best Practices for Cloud Implementation
• Cloud Computing: A Review of PaaS, IaaS, SaaS Services and Providers

Review BallotOnline’s application and LOB data to analyze and identify the application/workload tiering/classification for cloud suitability based on the capacity, performance, and availability needs of each application/workload provided. You will also update the acceptable SLAs (RTOs and RPOs) in the cloud infrastructure for the top three business-critical applications identified in Step 1.

Before moving on to the next step, where you will consider issues of information security and compliance, discuss your criteria for “cloud readiness,” such as the acceptable latency range, amount of data storage capacity needed, Ethernet-based protocols, application topology, etc. with your BallotOnline colleagues in the Discussion: “Cloud Ready” Applications and Workload Classifications.

Step 4: Address Information Security and Compliance Issues

Information security and privacy are critical to the success of any IT deployment for the growth and viability of the business through a framework such as the confidentiality, availability, and integrity, known as the CIA triad.

Review

To review information on security and compliance issues:

• Network Security Design
• Application and Data Security
• Cloud and Network Security Issues
• Data Compliance
• Cloud-Specific Compliance Issues
• Frameworks for Analyzing Compliance Issues

BallotOnline must also keep its data compliant with regulatory policies and procedures.

In this step, consider the relevant information security and compliance issues related to the “cloud ready” application/workloads you have designated and define how they will be addressed in the policy addendum.

To make sure you are on the right track, Sophia has asked you for a list of the top information security and compliance-related issues related to the applications/workloads designated for migration and a note on how the policy addendum will address them. Submit your notes for feedback after reading the instructions below.

Step 5: Create Cloud Vendor Governance Strategy

Review

There are numerous options available in the marketplace for cloud vendors, each with a unique set of offerings and services, including market leaders such as:

• Amazon AWS
• Microsoft Azure
• Google Cloud Platform

Since you considered information security and compliance issues in the previous step, it’s time to create a cloud vendor governance strategy document using the cloud vendor governance strategy template. Your one- to two-page policy should include your strategy for evaluating cloud vendors, creating a cloud governance strategy, and detailing how to incorporate this strategy into BallotOnline’s overall IT policies. Submit your work for feedback after reading the instructions below.

Step 6: Perform an Impact Analysis

Cloud computing has an enormous impact on the way organizations conduct their business. Working in the cloud can bring business as well as IT operational efficiencies to an organization. While cloud promises these efficiencies, there can be hidden trade-offs associated as well. For example, some of those trade-offs could be control over the underlying infrastructure components (servers, switches, storage, etc.) or dependencies on the services offered by a specific cloud provider. Performing an impact analysis helps ensure that the requirements are completely understood.

A logical follow-up to consideration of your cloud vendor governance in the previous step will be to examine how the adoption of cloud may affect the existing business and technical practices of BallotOnline with a business and technical impact analysis.

You will use this impact analysis in your final Cloud Adoption Policy Addendum, but you also need to consider a potential exit strategy should things not work out with the vendor. You’ll look at that in the next step.

Step 7: Develop an Exit Strategy

It also makes sense to consider what might happen to the organization if the cloud provider doesn’t work out. This is covered in the policies and SLAs via the cloud exit strategy.

The exit strategy should list possible business circumstances that may necessitate ending the relationship with the cloud service provider or vendor. Those circumstances could include the failure of the cloud service provider to meet performance requirements, possible security breaches, and matters concerning the cloud service provider’s business viability. Geographic-specific compliance issues should also be considered, especially since BallotOnline is an international organization.

Document your impact analysis and overall exit strategy, which should be between two and three pages. This impact analysis will be used for your final Cloud Adoption Addendum in the next step.

Step 8: Write the Final Policy Document Addendum

It is time to put everything together for the Cloud Adoption Policy Addendum. The addendum is designed to provide BallotOnline with a comprehensive IT policy that encompasses existing IT systems as well as their growth in the cloud infrastructure. The final document should be between eight and 10 pages.

At this point, you should have a better understanding of the cloud adoption strategy and how cloud adoption strategy differs from traditional IT adoption strategy. This knowledge differentiates you from a traditional IT professional and solidifies your standing in the ranks of cloud computing professionals. The accompanying Cloud Adoption Policy Addendum Template can serve as a guide to make sure you have included all the elements.

Complete your Cloud Adoption Policy Addendum and submit it after reading the instructions below.

The Cloud Adoption Policy Addendum will enable you to consolidate the work that you have completed in the steps along with some additional elements (scope, executive summary, etc.) to create a comprehensive policy addendum. Sophia will present your work for approval at the executive meeting.

BallotOnline’s updated IT policy, which includes your cloud addendum, is important. You will reuse it in subsequent CCA courses, so save it where you can find it.

Check Your Evaluation Criteria

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them. To view the complete grading rubric, click My Tools, select Assignments from the drop-down menu, and then click the project title.

• 5.1: Evaluate the business IT needs of an organization.
• 5.2: Propose strategies the organization can employ using cloud solutions to enhance organizational effectiveness.
• 5.3: Evaluate cloud adoption as a viable solution based on cost benefits and desired outcomes.
• 5.4: Articulate insights to leadership on the appropriate course of direction on the identified IT business needs.
• 8.1: Assess liability issues associated with cloud adoption.
• 8.3: Assess management and operational risks associated with cloud.
• 9.1: Develop a plan for cloud implementation / migration.
• 9.3: Develop documentation (plans, policies, and procedures) to support cloud operation.
• 11.7: Develop disaster recovery/business continuity plans.
• 11.8: Prepare contingency plans when changing cloud providers or closing down a cloud architecture.

Deliverables:

• Growth Projection Analysis
• Security and compliance-Related Policy Recommendations
• Cloud Vendor Governance Strategy
• Final Cloud Adoption Policy Addendum.