Advertisment

Gartner Highlights Four Risks CIOs Should Address When Contracting for Cloud Services

author-image
PCQ Bureau
New Update

The four risky issues for CIOs, when contracting for cloud services include:

Advertisment

Cloud Sourcing Contracts Are Not Mature for All Markets

When analyzing cloud sourcing contracts, it is often obvious whether the cloud service provider wrote the contract with larger, more mature corporations, or the consumer side of the market, in mind. For example, there are cloud service contracts from traditional service providers for their private cloud offerings; these tend to include more generally acceptable terms and conditions. Gartner also sees many cloud-sourcing contracts that lack descriptions of cloud service providers' responsibilities and do not meet the general legal, regulatory and commercial contracting requirements of most enterprise organizations.

Gartner advises organizations to carefully assess the risks associated with cloud sourcing contracts. Areas such as data-handling policies and procedures can have a negative impact on the business case (for example, additional backup procedures or a fee for data access after cancellation) potentially creating compliancy issues and cost increases, and indicating specific risk mitigation activities.

Advertisment

Contract Terms Generally Favor the Vendor

Organizations that successfully outsource, evolve more partnership-style relationships with their vendors. Cloud service contracts do not lend themselves to such partnerships - mainly because of the high degree of contract standardization - where terms are consistent for every customer, and service is typically delivered remotely rather than locally.

An organization needs to understand that it is one of many customers and that customization breaks the model of industrialized service delivery. Cloud service contracts are currently written in very standardized terms, and buying organizations need to be clear about what they can accept and what is negotiable. To manage cloud services contracts successfully, organizations need to manage user expectations.

Contracts Are Opaque and Easily Changed

Advertisment

Contracts from cloud service providers are not long documents. Certain clauses are not very detailed, as URL links to Web pages detail additional terms and conditions. These details are often critical to the quality of service and the price (such as SLAs) for uptime or performance, service and support terms, and even the description of the core functionality of the offering. Clauses that are only fully documented on these Web pages can change over time; often without any prior notice.

Organizations need to ensure that they understand the complete structure of their cloud sourcing contract, including the terms that are detailed outside of the main contract. They need to be sure that these terms cannot change for the period of the contract and, ideally, for at least the first renewal term without forewarning. It is also critical to understand what parts of the contracts can be changed and when the change will take place.

Contracts Do Not Have Clear Service Commitments

Advertisment

As the cloud services market matures, increasing numbers of cloud service providers include SLAs in URL documents referenced in their contracts and, in fewer cases, in the contract itself. Usually, the cloud service providers limit their area of responsibility to what is in their own network as they cannot control the public network. Things are improving, but service commitments remain vague.

When deciding whether to invest in cloud offerings, buyers should understand what they can do, if the service fails or performs badly. They should understand whether the SLAs are acceptable and if the credit mechanisms will lead to a change in the providers' behavior; if not, they should negotiate terms that meet their requirements - or not engage.

Additional information is available in the Gartner report "Four Risky Issues When Contracting for Cloud Services." The report is available on Gartner's website at http://www.gartner.com/resId=1543314.

Advertisment