Cloud Computing Governance Readiness Assessment: Case Study Of A Local Airline Company

Abstract

Cloud computing has emerged as an important platform to organizations seeking innovative ways to save money and increase the trust and value of their information systems. It has shifted the traditional IT paradigm by extending Information Technology’s existing capabilities by offering high scalability capabilities, reduced time to market, transformation of CAPEX to OPEX thus offering cost advantages as well as efficient use of computing resources due to pay-per-use nature of cloud services. To reap the many benefits cloud computing offers, an organization needs to have a clear cloud governance framework, which must be continually improved to address the emerging cloud computing challenges. Many cloud consumers have extended their IT governance frameworks to their cloud services; however, these frameworks don’t adequately address governance challenges in cloud environments. Additionally, most consumers don’t have quantitative mechanisms to measure their cloud computing governance maturity, and therefore may not identify the opportunities to improve their cloud governance frameworks to attain a higher maturity level. This research developed a conceptual model, which was used to analyze the cloud computing readiness of a local airline company. Path analysis was used to evaluate the correlation between the various model components and effective cloud governance, and to what extent these components contribute to effective cloud governance. From the path analysis results, existence of expectation management, capacity management, change management, risk management, security management and exit strategy were established to be necessary for effective cloud governance. The beta correlation co-efficient values were summed and compared with the class limits of a model developed from the cloud computing capability maturity model to assess the cloud governance readiness of the organization. The total of beta correlation co-efficient values from path analysis was 3.048, which falls within the limits of initial level of cloud governance maturity level. Finally, the research recommended multi-factor authentication, definition clear encryption key management responsibility, clear backup and recovery procedures, formulation of cloud exit policy as well as proper resource management; both human resources as well as computing resources as the necessary drivers towards achieving a higher cloud governance maturity level.