As businesses and government agencies increasingly begin to host applications in the public cloud, they realize that it's a new frontier in terms of contract negotiations. Service levels, data access, scalability and security are just a few of the issues that CIOs need to ensure before the services are deployed. And while some of these concerns are similar to outsourcing contracts of the past, there are new wrinkles to consider as well.
You "have to understand and define mission success," says Julie Boughn, CIO of the U.S. government's Centers for Medicare and Medicaid Services (CMS). "Success is not building a system; business outcomes are key, and that has to be critical for cloud-based services."
Boughn is currently interested in cloud models for low-risk administrative operations such as e-mail and office applications. For example, CMS, a division of the Health and Human Services agency, uses a customer service capability to track and manage public relations events. Managing that in-house would require a custom-built program and new computing resources, she says, and since it's not mission-critical, CMS is using Salesforce.com as the service provider for the application. Service level agreements need to address very specific details, such as how many concurrent users need to be supported, she says.