☁️

Contracting Essentials for Cloud Services

May 3, 2025

COMP30231: Service Centered and Cloud Computing

Lecture Overview: Contracting with Third-Party Cloud Providers

Past Topics Covered:

  • IS Strategy and cloud computing benefits
  • Enterprise Architecture framework for cloud computing
  • Cloud services solution selection and implementation
  • Governance and cost models
  • Business case for cloud computing
  • Risk management
  • Understanding third-party cloud service providers

Today's Focus:

  • Contracting with third-party cloud service providers

Lecture and Seminar Schedule

  • Week 1: IT Strategy & Cloud Computing Introduction
  • Week 2-4: Adopting Cloud Computing
    • Enterprise Architecture
    • Gap analysis and implementation
    • Governance
  • Week 5: Cost models (capital vs. expense)
  • Week 6: Business case for Cloud Computing
  • Week 7: Risk management in Cloud Computing
  • Week 8: Cloud provider business models
  • Week 9: Contracting with Cloud providers
  • Week 10: Review
  • Week 11-12: Exam support drop-ins

Contracting with Cloud Providers

Importance of Contracts

  • Clearly define service provision, costs, roles, and responsibilities
  • Manage risk and handle dispute resolution
  • Adapt to changes in service needs

Contractual Changes with Cloud Services

  • Old Method: Customized agreements, long negotiation
  • New Method: Standardized, virtualized solutions with immediate agreement
  • Deal Structure: From complex and inflexible to simpler, more flexible arrangements
  • Delivery Model: Shift from 1:1 to 1:many cloud models

Contractual Elements

  • Service Provided: Define services, incident management, and customer expectations
  • Payment: Fixed versus variable fees, metered usage, and deadlines for changes
  • Dispute Resolution: Terms for cancellation, penalties, liability, and intellectual property
  • Roles & Responsibilities: Define between provider and customer (security, data protection)

GDPR Overview

  • Data Controller vs. Data Processor roles
  • Compliance with AML, FATCA, CRS

Service Level Agreements (SLAs)

  • Measure supplier performance: availability, reliability, scalability
  • Service credits for downtime
  • Examples from Terremark and Rackspace

Managing Risk through Contracts

  • Identify risks: scope creep, technology issues, supplier reliability
  • Risk responses: avoidance, acceptance, transference, mitigation
  • Contract terms aligning with risk responses

Legal Issues in Contracts

  • Compliance with standards like ISO27001
  • Specific compliance terms for Microsoft Azure

Summary

  • Contracts are crucial in cloud services with detailed definitions
  • GDPR compliance is essential
  • SLAs form the basis for measuring provider performance

Seminar Focus

  • Selecting appropriate cloud service providers
  • Writing effective contracts for cloud services

View note sourcehttps://drive.google.com/file/d/1igj8HOuvW4HjAZuoVZAShclS6pRbdpxp/view?usp=sharing