7 Agencies Make Progress on 'Cloud First' Policy | AccountingWEB

7 Agencies Make Progress on 'Cloud First' Policy

By Stuart Lauchlan 

According to a new study by the Government Accountability Office (GAO), progress is being made in implementing the "Cloud first" policy. 
 
The Office of Management and Budget set out its Cloud first policy in December 2010, with top-level backing from President Obama. 
 
The Cloud policy has met with some resistance at the federal CIO level. In October 2011, the GAO reported that a depressing twenty-two out of twenty-four major federal agencies said they were "concerned" or "very concerned" about the security implications of the strategy. 
 
Line that up against the requirement that agencies were expected to migrate three of their technology services to the Cloud by June 2012, the outlook for Cloud first was looking stormy. 
 
But in fact, the GAO has found that the departments of Agriculture, Health and Human Services, Homeland Security, State, and Treasury, and the General Services and Small Business administrations have all met the requirements - and have learned valuable lessons to pass on to other government agencies, both at home and abroad. 
 
The Seven Challenges 
Specifically, the GAO has isolated seven common challenges that government agencies faced in meeting the Cloud first requirements: 
  1. Meeting federal security requirements. Cloud vendors may not be familiar with security requirements that are unique to government agencies, such as continuous monitoring and maintaining an inventory of systems.
  2. Obtaining guidance. Existing guidance for using Cloud services may be insufficient or incomplete. Agencies cited a number of areas where additional guidance is needed, such as purchasing commodity IT. 
  3. Acquiring knowledge and expertise. Government organizations simply may not have the necessary tools or resources, such as expertise among staff, to implement Cloud solutions.
  4. Certifying and accrediting vendors. Agencies may not have a mechanism for certifying that vendors meet standards for security.
  5. Ensuring data portability and interoperability. To preserve their ability to change vendors in the future, agencies may attempt to avoid platforms or technologies that "lock" customers into a particular product.
  6. Overcoming cultural barriers. A risk-averse government culture may act as an obstacle to implementing Cloud solutions.
  7. Procuring services on a consumption (on-demand) basis. The on-demand and scalable nature of Cloud services can make it difficult to define specific quantities and costs, which in turn can make contracting and budgeting difficult due to the fluctuating costs associated with scalable and incremental Cloud service procurements.
     
To attempt to tackle some of these issues, the GAO has told the political and administrative executives that they should direct their respective CIOs to take two specific actions:
  1. Establish estimated costs, performance goals, and plans to retire associated legacy systems for each Cloud-based service discussed in the GAO report, as applicable.
  2. Develop, at a minimum, estimated costs, milestones, performance goals, and plans for retiring legacy systems, as applicable, for planned, additional Cloud-based services.

Related articles:

 
Wait, there's more!
There's always more at AccountingWEB. We're an active community of financial professionals and journalists who strive to bring you valuable content every day. If you'd like, let us know your interests and we'll send you a few articles every week either in taxation, practice excellence, or just our most popular stories from that week. It's free to sign up and to be a part of our community.
Premium content is currently locked

Editor's Choice

WHAT KIND OF FIRM ARE YOU?
As part of our continued effort to provide valuable resources and insight to our subscribers, we're conducting this brief survey to learn more about your personal experiences in the accounting profession. We will be giving away five $50 Amazon gift cards, and a $250 Amazon gift card to one lucky participant.
This is strictly for internal use and data will not be sold
or shared with any third parties.