Moving to the cloud has become an attractive option for many businesses, either as an internal private cloud or more often to an external hybrid cloud operated by a Cloud Provider. As with the selection of any other external services supplier, selecting the Cloud Provider that best meets your business needs is not a trivial task. Selecting the wrong Cloud Provider could be harmful to the business.
It must be clearly understood that you are choosing a business partner with whom you will have a long-term business relationship. The selection process is therefore not just assessing technical competence and capability but looking at the cultural fit between your two organisations.
Step One – Requirements Audit
Before you can assess the services provided by a Cloud Provider, you need to set out your own requirements.
This involves setting out your requirements on a company-wide basis. They should be broken down into three main categories, Mandatory, Desirable and Nice-to-Have. Each business process within the organisation needs to set out its specific requirements, which are then amalgamated into a composite company requirements document.
In some cases, weightings can be used to set out the relative importance of each requirement. A conformity rating times the weighting will give a score for each requirement. The Cloud Provider with the highest cumulative score is a supportable winner.
A small task team is often used to carry out the audit.
Step 2 – Prepare and Issue an Invitation to Tender
This step takes the requirements statement, tops and tails it with a broader statement of the company’s requirements and other supporting material thought to be relevant and issues it, either for public responses or to known potential suppliers.
The other relevant material usually includes:
- A Company Overview
- An Executive Summary
- Indicative transaction and data volumes
- A list of reference sites
- Any known future needs
- Contact details
Remember to specify a closing date and submission procedure for responses. For example, are electronically submitted responses acceptable, or must all responses come in hard copy. If so, state where and how delivery is made.
Step 3 – Field Enquiries
With the best will in the world, and with the best IT in the world, potential suppliers will contact you. They do this to gauge if you are serious and worth investing time and effort in preparing a response, and to try to establish relationships between your two organisations. It is also useful from your point of view to assess them and see if they are a business partner you would be comfortable working with.
Step 4 – Selection and Shortlisting
You now have all the responses. The task team will now review all the responses against the requirements specification and if appropriate calculate scores.
The outcome of the review process is a shortlist, made up of a preferred supplier and a backup supplier if you can’t draw up a suitable contract with the preferred supplier.
The team may need to contact potential suppliers to discuss any points of concern. They should also take up references. Be aware that a potential supplier will only provide references that are likely to be favourable to them, so it is also often useful to trawl the Internet to see if there are any other references to them.
In some circumstances, a site visit could be useful.
Step 5 – Contract Negotiations
It is very important at this stage to ensure that you have a firm contractual basis on which you operate with your Cloud Provider. They will probably have put forward a standard hosting plan, which will perhaps need additional items, for example, SSD storage instead of HDD.
Other areas to be thoroughly explored include security and business recovery. Security requirements will be explicitly set out in the requirements document, but the potential supplier needs to make you comfortable with their approach to data and IP security and how your requirements are met. You should also explore any other security features they provide to see if they are relevant.
Their business recovery processes must also be reviewed to ensure that in the event of a catastrophic failure, they are up and running as quickly as possible, or can provide you with access to a comprehensive backup set that you can provide to an alternative supplier. Prolonged loss of service can be devastating to a business, especially to e-commerce organisations.
From your side, you need to have several additional things in black and white in the agreement:
- Service Levels
- Remedial steps and penalties for failure to meet service levels. Any exceptions need to be explicitly stated
- Frequency of management meetings. Over time, things tend to slide as your Cloud Provider becomes part of the furniture. Regular management review meetings will help to maintain focus.
- Mutual no-poaching of staff
If you cannot agree on these items, walk away and move to the backup supplier. These steps should help you find your ideal Cloud Service supplier.