What is Cloud- Compliance, -Governance, and -Management?


Cloud Governance is the set of decision items, decision bodies, responsibilities, decision-making styles, and control functions that enterprises deem necessary to effect sensible and fit-for-purpose Cloud Compliance and Management. Enterprises will have to define committees, councils, boards, and line functions to enable consistent and compliant cloud decisions. There are many variations in topical focus, decision locus, regular intervals, escalations, and documentation for each governance body. We frequently see data governance, data protection, and information security having to follow non-negotiable, centrally determined standards while cost management is performed by the business-aligned IT function at the business unit level. Naturally, many aspects of Cloud Governance are borrowed from IT Governance, but the risks inherent in the operation of cloud services necessitates review and possible amendment or extension of the established IT Governance framework.

Cloud Compliance creates a level playing field for demand- and supply-side qualification for each potential cloud use case. This enables diligent decision-making and documentation by heterogeneous expert teams, thereby generating invisible efficiency in the early stages of any cloud migration. It helps enterprises to become fully aware of the kind of service they want and need, whether it has to be a cloud service at all, and what strings are attached. Think of it as setting the scene for cloud migration at the management level before the actual transition. Both its normative aspects and its quality as an auditable risk type control make Cloud Compliance an important part of Cloud Governance.

Cloud Management deals with the day-to-day activities that will have to beperformed for each cloud service. The spectrum of Cloud Management activities is broad and includes activities like SLA monitoring, licence management, incident/problem/event management, access and identity management, backup and recovery management, and other aspects.


Dr. Tobias Höllwarth
President EuroCloud Europe
Member of the FIC Advisory Board
Associate at Sourcing International