Our cloud guidance is highly summarised and there are other complementary, more detailed guides on offer.
• The National Cyber Security Centre (NCSC) provides guidance on security specific to cloud services. It covers how to configure, deploy and use cloud services securely.4
• The Chartered Institute of Public Finance and Accountancy (CIPFA) provides a guide to the accounting questions raised by buying software and technology 'as a service'. Compared to traditional technology procurement, this may move expenditure from capital to revenue.5
• The Financial Conduct Authority (FCA) provides a guide for firms outsourcing to the cloud and other third-party IT services. This guidance helps firms to oversee the life cycle of their outsourcing arrangements. This ranges from making the decision to outsource, selecting an outsource provider, and monitoring outsourced activities on an ongoing basis, through to exit.6
• Gartner has produced a framework for how moving to cloud services should be managed via the following steps: (a) Build skills and assess applications; (b) Select cloud providers and services; (c) Design cloud services and manage risks; (d) Estimate the bill and establish governance; (e) Provide and automate cloud services; (f) Operate cloud environments at scale.
_________________________________________________________________________
4 Available at: www.ncsc.gov.uk/collection/cloud-security, accessed 26 March 2019.
5 The Chartered Institute of Public Finance and Accountancy, Accounting for the cloud, March 2017. Available at: www.cipfa.org/policy-and-guidance/reports/accounting-for-the-cloud
6 Financial Conduct Authority, FG16/5 Guidance for firms outsourcing to the 'cloud' and other third-party IT services, July 2018. Available at: www.fca.org.uk/publication/fnalised-guidance/fg16-5.pdf