Professional Documents
Culture Documents
CCS336 CSM PART A AND B Question and Answers
CCS336 CSM PART A AND B Question and Answers
PART-B:
1. Explain in detail about the Cloud Ecosystem.
2. Describe the Characteristics of Cloud Computing.
3. Describe the concepts of perspective in cloud computing.
4. Explain in detail about the cloud service model.
5. Explain in detail about the deployment model.
1
lOMoARcPSD|30731768
PART-A:
1. Define Cloud.
The cloud is a technology that uses remote servers on the internet to store,
manage and access data online rather than local drives.
2. What is meant by Cloud computing?
Cloud computing refers to the delivery of computing services over the
internet, including storage, processing power, and software applications. It
allows users to access resources and services on-demand, without the need for
physical infrastructure or local servers.
3. List out the main characteristics of cloud.
On demand self-services
Broad Network access
Multi tenancy and Resource Pooling
Rapid Elasticity
Measured Service
4. Name the service models available in cloud computing.
IaaS - Infrastructure as a Service
PaaS - Platform as a Service
SaaS - Software as a Service
5. State Deployment model of Cloud Computing.
Public cloud
Private Cloud
Hybrid cloud
Community cloud
6. Give the advantages of cloud computing.
Improved accessibility
Optimum resource utilization
Scalability and need
Minimizes licencing cost of software
Less personnel training
7. What is meant by cloud eco system?
A cloud ecosystem is a dynamic system of interdependent elements, all
of which work together to make cloud services possible. In nature, an ecosystem
2
lOMoARcPSD|30731768
consists of objects that are linked and work together that are living and non-
living.
8. What are the benefits of ITSM?
Aligning IT teams with business priorities through success metrics.
Enabling cross-department collaboration
Empowering IT teams to share knowledge and continuously improve
Improving request coordination for more efficiency service.
Responding more quickly to major incidents, and preventing future
ones.
9. List out the core ITSM processes.
Service Request Management
Knowledge management
IT asset management
Incident management
Problem Management
Change management
10. List out the main actors of the Cloud Ecosystem.
Cloud Service User -Cloud service user (CSU) is an individual or company who
uses cloud services that are distributed. End-users may be individuals,
machines, or apps.
Cloud service Provider -A company that provides and manages the cloud
services provided.
Cloud Service Partner -An entity or organization which supports the creation
of the service offer by a partner.
11. What are the main features of using continuous delivery?
Visibility: Everyone on the team can see the entire system and collaborate.
Feedback: All team members are notified immediately of any issues.
Continual Deployment: Any version of the software can be deployed to
any environment.
12. What are the advantages of using PaaS
Simple, cost-effective development and deployment of apps
Developers can customize SaaS apps without the headache of maintaining the
software
Provide automation of Business Policy
3
lOMoARcPSD|30731768
4
lOMoARcPSD|30731768
PART -B
5
lOMoARcPSD|30731768
6
lOMoARcPSD|30731768
7
lOMoARcPSD|30731768
must be billed according to how much of the service they use, and the cloud
provider must be able to measure this usage.
vi)Security:
Users of cloud computing are particularly concerned about data security.
Cloud service providers store users' encrypted data and offer additional
security features like user authentication and protection against breaches and
other threats.
User authentication entails identifying and verifying a user's authorization.
Access is denied to the user if they do not have permission. Data servers are
physically protected. These servers are usually kept in a secure, isolated
location to prevent unauthorized access or disruption.
vii)Automation:
Automation in cloud computing refers to a cloud service's ability to be
installed, configured, and maintained automatically. In other words, it is the
process of maximizing technology and minimizing the amount of manual labor
necessary. However, it is not simple to automate the cloud ecosystem. It
requires the deployment of significant storage, servers, and virtual machines.
After successful deployment, these resources need to be maintained.
viii)Budget Friendly:
Businesses can reduce their IT expenses by utilizing this aspect of the cloud.
In cloud computing, the client is responsible for paying the administration for
any space they use. There are no additional fees or hidden costs to be paid.
ix)Flexibility:
Cloud computing users can access data or services with internet-enabled
devices like smartphones and laptops. You can instantly access anything you
want in the cloud with just a click, making working with data and sharing it
simple.
Many businesses prefer to store their work on cloud systems because it
facilitates collaboration and saves money and resources. Its expansion is also
being sped up by the number of features analytic tools offer.
X)Resilience:
Resilience in cloud computing refers to a service's capacity to quickly recover
from any disruption. The speed at which a cloud's servers, databases, and
network system restart and recover from damage or harm is a measure of its
resilience.
8
lOMoARcPSD|30731768
9
lOMoARcPSD|30731768
availability of services. The SCRUM Team works very hard to anticipate what a user’s
experience will be and base all of their efforts off from this projection known to them as
a “user story.”
Version Control:
When version control is employed, not only is code made available throughout an
organization with proper access controls, but every change is recorded and accessible.
Prior to cloud-hosted version control, thousands of hours of work and code have been
lost (either buried in a project as commented lines or deleted entirely).
Continuous Integration(CI):
The first step down the pipeline is the ‘build server’ that takes every version of the
code in the version-controlled source code repository to run preliminary tests. This will
ensure that the code does not negatively affect code submitted by other developers.
Continuous Delivery (CD):
After the software is built and all of the automated tests are successful the code is
made available for user acceptance testing (UAT). At the heart of CD is automation. The
main features provided by a CD solution are:
Visibility: Everyone on the team can see the entire system and collaborate.
Feedback: All team members are notified immediately of any issues.
Continual Deployment: Any version of the software can be deployed to any
environment.
4.Explain in detail about the cloud service model.
There are the following three types of cloud service models -
1. Infrastructure as a Service (IaaS)
2. Platform as a Service (PaaS)
3. Software as a Service (SaaS)
10
lOMoARcPSD|30731768
Characteristics of IaaS:
There are the following characteristics of IaaS -
Resources are available as a service
Services are highly scalable
Dynamic and flexible
GUI and API-based access
Automated administrative tasks
Example: DigitalOcean, Linode, Amazon Web Services (AWS), Microsoft Azure,
Google Compute Engine (GCE), Rackspace, and Cisco Metacloud.
Advantages of IaaS:
Easy to automate the deployment of storage, networking, and servers.
Hardware purchases can be based on consumption.
Clients keep complete control of their underlying infrastructure.
The provider can deploy the resources to a customer’s environment anytime.
It can be scaled up or downsized according to your needs.
Disadvantages of IaaS:
You should ensure that your apps and operating systems are working correctly
and providing the utmost security.
You’re in charge of the data, so if any of it is lost, it’s up to you to recover it.
IaaS firms only provide the servers and API, so you must configure everything
else.
Platform as a Service (PaaS):
PaaS cloud computing platform is created for the programmer to develop, test,
run, and manage the applications.
Characteristics of PaaS:
There are the following characteristics of PaaS -
o Accessible to various users via the same development application.
o Integrates with web services and databases.
o Builds on virtualization technology, so resources can easily be scaled up or
down as per the organization's need.
o Support multiple languages and frameworks.
o Provides an ability to "Auto-scale".
Example: AWS Elastic Beanstalk, Windows Azure, Heroku, Force.com, Google
App Engine, Apache Stratos, Magento Commerce Cloud, and OpenShift.
11
lOMoARcPSD|30731768
Advantages PaaS:
Simple, cost-effective development and deployment of apps
Developers can customize SaaS apps without the headache of maintaining the
software
Provide automation of Business Policy
Easy migration to the Hybrid Model
It allows developers to build applications without the overhead of the
underlying operating system or cloud infrastructure
Offers freedom to developers to focus on the application’s design while the
platform takes care of the language and the database
It helps developers to collaborate with other developers on a single app
Disadvantages of PaaS:
Less flexibility and control
Price
Vendor lock-in
Security
Integration issues
Software as a Service (SaaS):
SaaS is also known as "on-demand software". It is a software in which the
applications are hosted by a cloud service provider. Users can access these
applications with the help of internet connection and web browser.
Characteristics of SaaS:
There are the following characteristics of SaaS -
o Managed from a central location
o Hosted on a remote server
o Accessible over the internet
o Users are not responsible for hardware and software updates. Updates are
applied automatically.
o The services are purchased on the pay-as-per-use basis
Example: BigCommerce, Google Apps, Salesforce, Dropbox, ZenDesk, Cisco
WebEx, ZenDesk, Slack, and GoToMeeting.
Advantages SaaS:
The biggest benefit of using SaaS is that it is easy to set up, so you can start
using it instantly.
Compared with on-premises software, it is more cost-effective.
12
lOMoARcPSD|30731768
Public Cloud:
It is accessible to the public. Public deployment models in the cloud are perfect
for organizations with growing and fluctuating demands. It also makes a great
choice for companies with low-security concerns. It is also a great delivery model
for the teams with development and testing. Its configuration and deployment are
quick and easy, making it an ideal choice for test environments.
13
lOMoARcPSD|30731768
14
lOMoARcPSD|30731768
15
lOMoARcPSD|30731768
16
lOMoARcPSD|30731768
17
lOMoARcPSD|30731768
PART-A:
1. What are the main phases of strategic plan in cloud computing?
2. List out the strategic life cycle in cloud computing.
3. What is meant by cloud policy?
4. Define Risk management.
5. List out the process of Risk Management.
6. Why we Need for Risk Management?
7. What is meant by Queueing Theory?
8. Define Change Management.
9. List out types of Risks in Cloud Computing:
10. List out the steps for planning.
11. Give the objectives of demand queuing.
12. What are the characteristics of cloud service capacity planning?
13. Differentiate demand and capacity matching.
PART-B
1. Explain in detail about the Cloud strategy.
2. Describe the concepts of Cloud Policy.
3. Explain the various concepts of Risk Management.
4. Explain in detail about the Queuing theory in Cloud System Management.
5. Explain in detail about the Change Management:
6. Describe the cloud service architecture.
18
lOMoARcPSD|30731768
PART-A:
1. What are the main phases of strategic plan in cloud computing?
Strategy Phase
Planning Phase
Deployment Phase
19
lOMoARcPSD|30731768
20
lOMoARcPSD|30731768
PART-B
21
lOMoARcPSD|30731768
Here the problem analysis & risk analysis for switching to cloud technology is
checked to ensure whether the customer is satisfied in meeting their business goals
or not.
The steps for planning are:
Development of Business Architecture
Development of IT Architecture
QOS development requirement
Development of Transformation plan
Deployment Phase:
Deployment Phase pivots its strategies based on the above two phases of
planning and involves the following steps:
Selecting appropriate providers of Cloud: This selection is made based on
SLA (Service Level Agreement), which defines the level of service the
cloud-provider will provide.
Maintaining the Technical Service: The provider must ensure the proper
maintenance of services by providing the best Quality of Service to their
users.
Factors to Be Consider Before Investing in Cloud:
Many IT firms and companies want to revolutionize their infrastructure &
technology; Cloud computing became a boon for them. It is undeniable that cloud
technology changed the modern scenario of technology, but it is also a truth that
there are certain concerns (such as: security, fast internet connection etc) that
shows its drawbacks. So as users who will invest their money on cloud technology,
they have to consider every aspect thoroughly.
The factors are:
Availability: As soon as all your business-critical data get stored in the cloud
storage, it becomes essential to check whether the data is available or not,
whether the data is secured or there are loopholes that might become the
reason of the downfall of an organization's business. Therefore, as a user you
should stay focus & check this aspect with the service provider before
signing the deal.
Compliance: Even though it seems that all data gets stored in the cloud
storage, but data resides on multiple servers; these servers are located in
different nations of the globe. Though it has an advantage for data
availability, users must concern about the legality issue; the issue in the sense
22
lOMoARcPSD|30731768
Cloud policies are the guidelines under which companies operate in the
cloud. cloud policies can also be used for financial management, cost optimization,
performance management, and network security.
Cloud computing offers companies a number of advantages including low
costs, high performance, and the quick delivery of services. However, without the
implementation and enforcement of cloud policies, companies can be exposed to
the risks of data loss, spiraling costs, and underperforming assets.
Cloud Computing Policy
This policy applies to all persons accessing and using 3 rd party services
capable of storing or transmitting protected or sensitive electronic data that are
owned or leased by Loyola University Chicago, all consultants or agents of Loyola
University Chicago and any parties who are contractually bound to handle data
23
lOMoARcPSD|30731768
24
lOMoARcPSD|30731768
25
lOMoARcPSD|30731768
Definitions:
Loyola Protected Data - Any data that contains personally identifiable
information concerning any individual and is regulated by local, state, or Federal
privacy regulations.
Loyola Sensitive Data - Any data that is not classified as Loyola Protected Data,
but which is information that Loyola would not distribute to the general public.
Loyola Public Data - Any data that Loyola is comfortable distributing to the
general public.
General Data Protection Terms:
The University must specify particular data protection terms in a contract with a
cloud-computing vendor. In this way, the University creates a minimum level of
security for University data. A minimum level of security ensures that the
University data is kept confidential, is not changed inappropriately, and is
available to the University as needed.
The University should consider the following contract terms to ensure a minimum
level of information security protection:
Data transmission and encryption requirements
Authentication and authorization mechanisms
Intrusion detection and prevention mechanisms
Logging and log review requirements
Security scan and audit requirements
Security training and awareness requirements
Risk Management:
Risk management is the process of identifying, assessing, and controlling
threats to an organisation's system security, capital and resources. Effective risk
management means attempting to control future outcomes proactively rather than
reactively. Risk management allows organisations to prevent and mitigate any
threats, service disruptions, attacks or compromises by quantifying the risks below
the threshold of acceptable level of risks.
Process of Risk Management:
26
lOMoARcPSD|30731768
27
lOMoARcPSD|30731768
28
lOMoARcPSD|30731768
Internal security risks in cloud computing include the challenges that arise due to
mismanagement by the organisation or the cloud service provide. Some internal
security risks involve:
1. Misconfiguration of settings - Misconfiguration of cloud security settings,
either by the organisation workforce or by the cloud service provider, exposes
the risk of a data breach. Most small businesses cloud security and risk
management are inadequate for protecting their cloud infrastructure.
2. Malicious Insiders - A malicious insider is a person working in the
organisation and therefore already has authorized access to the confidential
data and resources of the organization. With cloud deployments, organisations
lack control over the underlying infrastructure; making it very hard to detect
malicious insiders.
External Security Risks:
External security risks are threats to an organisation arising from the improper
handling of the resources by its users and targeted attacks by hackers. Some of the
external security risks involve:
1. Unauthorized Access - The cloud-based deployment of the organisation's
infrastructure is outside the network perimeter and directly accessible from the
public internet. Therefore, it is easier for the attacker to get unauthorized
access to the server with the compromised credentials.
2. Accounts Hijacking - The use of a weak or repetitive password allows
attackers to gain control over multiple accounts using a single stolen password.
Moreover, organizations using cloud infrastructure cannot often identify and
respond to such threats.
3. Insecure APIs - The Application Programming Interfaces(APIs) provided by
the cloud service provider to the user are well-documented for ease of use. A
potential attacker might use this documentation to attack the data and resources
of the organisation.
Need for Risk Management:
These risks need to be treated proactively by implementing risk management
strategies. By implementing a risk management plan and considering the various
potential risks or events before they occur, an organisation may save money and
time and protect its future. In cloud computing, the organisation sets risk
management plans which help them to identify appropriate cloud vendors and
29
lOMoARcPSD|30731768
service providers, make proper service-level agreements and set up better budgeting
plans.
Benefits of Risk Management:
Risk management enables organisations to ensure any potential threats to cloud-
deployments security, assets, and business plans are identified and treated before
they derail the organisation's goals. It has far-reaching benefits that can
fundamentally change the decision making process of the organisation. Here are
some benefits of robust risk management:
1. Forecast Probable Issues - The risk management process in cloud computing
identifies all the possible risks or threats associated with the cloud service
provider, the cloud vendor, the organisation, and the users. It helps an
organisations to mitigate risks by implementing appropiate control strategies
and create a better business plan.
2. Increases the scope of growth - Risk management in cloud computing forces
organisations to study the risk factors in detail. Thus, the workforce is aware
of all the possible catastrophic events; and the organisation creates a
framework that can be deployed to avoid risks that are decremental to both the
organisation and the environment. Hence, risk management enables
organisations to take a calculated risks and accelerate their growth.
3. Business Process Improvement - Risk Management requires organisations to
collect information about their processes and operations. As a result,
organisations can find inefficient processes or the scope for improvement in a
process.
4. Better Budgeting - Organisations implementing risk management strategies
often have clear insights into the finances. Thus, they can create more efficient
budgets to implement risk management plans and achieve the organisational
goals.
Data Protection Risk Cloud's Impact on IT Operations:
With IT companies switching infrastructure to cloud deployments, the risk for
data protection becomes essential. The area-specific data protection laws make it
hard for companies to comply with the regulations. Moreover, with personal data
stored in the cloud, determining the geographical location of the data can be
challenging. Therefore, it becomes difficult to hold the applicable law. Hence,
developing a hurdle in the IT operations of the company.
Best Practices for Risk Management in Cloud Computing:
30
lOMoARcPSD|30731768
The Queuing system in cloud service system consists of input source i.e.,
source of requests, queuing process which has waiting requests in the queue to be
served, server process which comprises of servers to process the various requests in
the queue.
Queueing theory in cloud computing:
31
lOMoARcPSD|30731768
The queuing system in cloud service system consist of input source i.e. source
of requests, queuing process which has waiting requests in the queue to be served,
service process which comprises of servers to process the various requests in the
Queue Depart
Arrival Queuing Service
Input Source Process Process
Process Order Service
queue. There can be finite capacity queuing systems or infinite capacity queuing
systems and the various characteristics
32
lOMoARcPSD|30731768
and the service times are distributed exponentially with an average of „µ‟
customers per unit. Some example application areas of this model are: -
Counters in library to address the service of issuing/returning books,
Counters in telephone exchange to service the bill requests.
Counters at the frontier to check the passports.
Counters at tax consulting offices to receive requests concerning
income and sales tax.
M/G/S MODEL:
In this model, the queuing system involves multiple servers „S‟ in
parallel. This model is an extension of M/M/C or M/G/1 queue where
service times are exponentially distributed and a single server system
respectively. The inter-arrival times in this model is exponentially
distributed with parameter „λ‟ and service times follow general
probability distribution instead of an exponential one. It is assumed that
length of inter arrival times and service periods are independent
statistically This model can be deployed in systems comprising of self-
service mechanisms such as restaurants with self-service filling and
refilling activity, traffic light systems, etc.
33
lOMoARcPSD|30731768
34
lOMoARcPSD|30731768
2. Compliance Changes:
To keep pace with the regulatory requirements and avoid penalties, IT teams
must be up to date with the compliance changes. Every industry has a different set
of compliances.
For example, the healthcare industry is governed by HIPAA, which makes
stringent guidelines and security protocols mandatory for certain kinds of patient
health data.
3. Multi-Functional Teams Required:
Every change initiative requires cross-functional expertise. To improve
flexibility and speed up the process, you can establish pre-approval for specific tasks
and scenarios such as DNS updates. Change leaders can also consider using
the RACI matrix for clarity in roles and responsibilities.
4. Cloud Resource Management:
Several companies shift to the cloud to increase their data storage capacity.
However, if your employees use it for storing their personal information, there will
35
lOMoARcPSD|30731768
be a misuse of cloud resources. Consider establishing clear processes & policies for
managing cloud usage with transparency.
The Process Flow of Cloud Change Management:
Given the complex nature of cloud deployment, here is the process flow of
cloud change management to ease your transition:
1. Configuration in Cloud:
Change leaders must decide on the configuration requirements and a cloud
service provider. Additionally, there must be leadership buy-in for cloud-based tools
to undertake configuration changes and track the management approval process.
2. Initiate Change Management Process:
Create a robust change management plan with clear implementation timelines.
Use a sandbox environment for pilot testing and then scale the initiative after making
required changes.
3. Automate the Deployment:
An optimized cloud configuration will automate the deployment process,
ensuring repeatability and consistency across multiple environments and enabling
automation of testing procedures. Automation does not guarantee a successful
change implementation; it reduces risk and brings standardization.
For example, if an automated security test is pre-approved for deployment
purposes, there is no security review requirement during the change approval
process.
4. Use Change Management Tools to Drive Change:
With every change initiative, employee upskilling and reskilling becomes a
challenging task. Implementing digital adoption platforms(DAP) alongside your
cloud implementation will take you a step closer to effortless change roll-outs.
5. Review & Record the Process:
Since cloud change management is a continuous process, organizations need
to schedule regular feedback mechanisms, make required iterations and document
the process for future reference.
36
lOMoARcPSD|30731768
Cloud Computing Architecture is divided into two parts, i.e., front-end and
back-end. Front-end and back-end communicate via a network or internet. A
diagrammatic representation of cloud computing architecture is shown below:
37
lOMoARcPSD|30731768
Depending upon the client requirement, the application provides the result to
the end-user (with resources) in the back end
Service:
Service is an essential component in cloud architecture
Its responsibility is to provide utility in the architecture
In a Cloud, few widely used services among the end-users are storage
application development environments and web services
Storage:
It stores and maintains data like files, videos, documents, etc. over the internet
Some of the popular examples of storage services are below:
Amazon S3
Oracle Cloud-Storage
Microsoft Azure Storage
Its capacity varies depending upon the service providers available in the
market
Management:
Its task is to allot specific resources to a specific task, it simultaneously
performs various functions of the cloud environment
It helps in the management of components like application, task, service,
security, data storage, and cloud infrastructure
In simple terms, it establishes coordination among the cloud resources
Security:
Security is an integral part of back-end cloud infrastructure
It provides secure cloud resources, systems, files, and infrastructure to end-
users
Also, it implements security management to the cloud server with virtual
firewalls which results in preventing data loss
Benefits of Cloud Computing Architecture:
The cloud computing architecture is designed in such a way that:
It solves latency issues and improves data processing requirements
It reduces IT operating costs and gives good accessibility to access data and
digital tools
It helps businesses to easily scale up and scale down their cloud resources
It has a flexibility feature which gives businesses a competitive advantage
38
lOMoARcPSD|30731768
Cloud service reference model, Cloud service life cycle, Basics of cloud service
design, dealing with legacy systems and services, Benchmarking of cloud services,
Cloud service capacity planning, Cloud service Deployment and migration, Cloud
marketplace, Cloud service operations management
PART-A
39
lOMoARcPSD|30731768
PART-A
1. Define Reference Model.
The Cloud Computing Reference Model is an abstract model that defines the
cloud vocabulary and design elements, the set of configuration rules, and the
semantic interpretation.
3. List out the function layers of cloud computing reference model.
The Cloud Computing Reference Model is divided into three cross functional
Layers:
1. Software as a Service (SaaS)
2. Platform as a Service (PaaS)
3. Infrastructure as a Service (IaaS)
3. What are the different stages of cloud computing life cycle?
Service strategy
Service design
Service transition
Service operation
Service improvement
Service retirement
4. Why we need a service catalog?
A service catalog is helpful to identify your cloud users to determine their
needs. The role of the service catalog is to bridge that gap. The service catalog
enables IT to define the areas of configuration and choice that users can select,
according to their role.
5. What is Benchmarking in the Cloud?
40
lOMoARcPSD|30731768
41
lOMoARcPSD|30731768
Yes, All purchases are made through a single cloud vendor, rather than
routing thousands of products through different vendors for approval. Cloud
marketplaces also provide a single source of billing and invoicing,
12. List out the advantages of cloud services design.
Accessibility anywhere, with any device.
Ability to get rid of most or all hardware and software.
Centralized data security.
Higher performance and availability.
Quick application deployment.
Instant business insights.
Business continuity.
42
lOMoARcPSD|30731768
43
lOMoARcPSD|30731768
44
lOMoARcPSD|30731768
PART-B:
1.Explain in detail about the cloud computing reference model.
The Cloud Computing Reference Model is an abstract model that defines the
cloud vocabulary and design elements, the set of configuration rules, and the
semantic interpretation.
The Cloud Computing Reference Model is divided into three cross functional
Layers:
1. Software as a Service (SaaS)
2. Platform as a Service (PaaS)
3. Infrastructure as a Service (IaaS)
Software as a Service (SaaS):
Software as a service is a software delivery model where licensed software,
usually on a subscription basis, is centrally hosted and used by customers over the
internet via a web browser or through client software. It is also referred to as on-
demand software or web-based/web-hosted software.
SaaS is currently the most common cloud computing service. Day-to-day
workforce applications such as Slack, Zoom, and Customer Resource
Management (CRM) software are prime examples of SaaS.
Platform as a Service (PaaS)
Platform as a Service is a cloud computing model which provides customers
with a complete platform to develop and run their applications. This includes
hardware, software, infrastructure like servers, storage, databases, and
development tools hosted at the vendor’s data centre. This helps avoid the cost,
complexity, and inflexibility of maintaining this on-premise. Developers can build
and deploy apps on the cloud without worrying about the underlying architecture
and resource constraints. The cloud provides them with the ability to scale up on
demand and also scale down during idle & low-traffic periods.
Infrastructure as a Service (IaaS)
Infrastructure as a Service is a cloud computing model that deals with
fundamental computing, network and storage. Contrary to PaaS, it provides the
lowest level of resources on the cloud.
Cloud Reference Model:
The NIST cloud computing model comprises five crucial features:
Measured Service
45
lOMoARcPSD|30731768
On-demand self-service
Resource pooling
Rapid elasticity
Broad network access
They follow the same three service models defined earlier: SaaS, PaaS and IaaS,
and mention four deployment models: i.e., Private, Community, Public,
and Hybrid cloud.
The CSA Cloud Reference Model:
Security in the cloud is a rising concern. With so much data being available and
distributed on the cloud, vendors must establish proper controls and boundaries.
The Cloud Security Alliance (CSA) reference model defines these
responsibilities. It states that IaaS is the most basic level of service, followed by
PaaS and then SaaS. Each of them inherits the security intricacies of the
predecessor, which also means that any concerns are propagated forward. The
proposal from the CSA is that any cloud computing model should include the
below-mentioned security mechanisms:
Access control
Audit trail
Certification
Authority
The OCCI Cloud Reference Model:
The Open Cloud Computing Interface (OCCI) is a set of specifications and
standards that defines how various cloud vendors deliver services to their
customers. It helps streamline the creation of system calls and APIs for every
provider. This model not only helps with security but also helps create managed
services, monitoring, and other system management tasks that can be beneficial.
The main pillars of the OCCI cloud computing reference model are:
Interoperability – Enable diverse cloud providers to operate simultaneously
without data translation between multiple API calls
Portability – Move away from vendor lock-in and allow customers to move
among providers depending on their business objectives with limited technical
expenses, thus fostering competition in the market
Integration – The feature can be offered to the customer with any
infrastructure
46
lOMoARcPSD|30731768
The Cloud Service Lifecycle is the process of delivering and managing cloud
services over their entire lifecycle. It consists of four phases: Service Strategy,
Service Design, Service Operation, and Service Retirement.
1. Service Strategy: In this phase, the business goals and objectives of the cloud
47
lOMoARcPSD|30731768
service are identified, and a plan is created to meet those goals and objectives. The
service provider should determine the target market, the pricing model, the service
level agreement (SLA), and the key performance indicators (KPIs) for the service.
2. Service Design: In this phase, the service provider designs the cloud service to
meet the identified business goals and objectives. This includes determining the
technical requirements, the architecture of the service, and the processes for
managing the service. In this phase, the service provider must consider the security,
privacy, and compliance requirements of the service.
3. Service Operation: In this phase, the cloud service is made available to the
customers. The service provider must monitor the service to ensure it is performing
as expected and meet the SLA and KPIs. The service provider must also provide
customer support and resolve any issues that arise.
4. Service Retirement: In this phase, the service provider determines when to retire
the cloud service. This may be due to changes in business requirements, or the
Service
Design
Service
Service
Continuous Service
Improvement
service may have reached its end of life. The service provider must ensure that
customers are given adequate notice and have a plan to migrate to a new service.
The service provider should also ensure that data is properly disposed of according
to the security and privacy policies.
3.Explain in detail about the Benchmarking in cloud computing.
Benchmarking in the cloud is a practice that measures and documents the
current performance and configurations of an application environment.
Cloud baselines support application discovery in the sense that both are used
in the Validation stage or the post-migration stage where the cloud migration
assessment is performed. Without application discovery, it would be a challenge to
generate cloud baselines because you don't know what resources you are getting
48
lOMoARcPSD|30731768
baselines from. Without cloud baselines, knowing how your current environment is
structured would not make sense at all because you're going to move them to the
cloud anyway
For user experience metrics, you should review the business objectives you
have defined at the onset of your planning. Then generate baselines around those
objectives. For instance, one of your business objectives is to improve the time it
takes to process a transaction. You can then measure the peak and average process
times for n transactions in a time range where there are a.) more users than usual
and b.) fewer users than usual.
Benchmarking Challenges
The benchmarking is important in cloud migrations. It is also beneficial for
you to take into account the possible challenges that you may encounter when
generating performance and configuration baselines.
1. Long Preparation & Execution Time for Manual Benchmarking
Gathering data when generating baselines may take some time to execute if
you don't have a tool capable of exporting performance and configuration reports.
Performing benchmarking manually means having to log in to the device(s) directly,
capturing data points from manual queries or GUI-based wizards, refining them to
support your defined business objectives and established KPIs, and organizing them
in accordance with how your environment is structured.
2. Dynamic Nature of Distributed Systems
Distributed systems in production are always changing. The baselines
generated at any given time may no longer represent the target behavior of your
systems after migration. This is why it is important that aside from the validation
stage, which is often only performed once, your target systems in the cloud should
readily be available for monitoring. This allows you to capture data right after the
migration activity for hyper-care monitoring purposes.
3. Performance Isolation
In distributed systems, the behavior of an application may be influenced by
other applications and services running simultaneously. This makes it difficult to
measure the performance metrics of each component separately without a tool
capable of discovering them as individual components. It may result in service
degradation and performance interference.
Generating Cloud Baselines in IT-Conductor
49
lOMoARcPSD|30731768
The common performance baselines you need to capture are the resource
utilization metrics such as CPU/Memory, storage, and network. In IT-Conductor,
you can capture those metrics from the service grid. You can easily drill up/down
components in the service grid to capture the different metrics you need in
generating performance baselines for your source environment.
Cloud Migration:
Cloud migration is a general term used to designate transferring digital operations
from one site to a cloud platform. When you migrate to the cloud, it encompasses data,
processes, and applications to third-party servers.
Benefits of Cloud Migration:
There are several advantages when a company decides to migrate to the cloud.
By choosing a cloud-based solution, organizations can deliver enhanced performance
while staying on top of technology’s latest innovation.
The four primary benefits that companies derive from cloud migration include:
Scalability:
Migration to cloud platforms allows a company to efficiently scale its IT
requirements up or down based on its current demands. It can be difficult to service
customers’ changing demands if operations are locked to a legacy (outdated, but still
in use) infrastructure.
Switching to the cloud allows businesses to drastically alter their operations and
infrastructure to facilitate the current demands without being restricted to quickly
depreciating equipment. The power to promptly scale a company’s workload allows it
to tailor its resource allocation effectively.
Cost:
Organizations that opt for cloud services can substantially reduce operational
costs and unnecessary overhead. They will no longer be tied to leasing equipment or
expensive physical locations, meaning these resources can be put to better use, such as
product development.
Security:
If maintained correctly in the shared security responsibility model, migrating to
the cloud can reduce security flaws found on traditional network systems.
50
lOMoARcPSD|30731768
Flexibility:
Through cloud migration, users can be authorized to access the necessary
services, regardless of their geographical location and their preferred device. This
flexibility creates previously impossible opportunities, allowing a company to branch
into new territories, source talent globally, and expand alongside business demand.
Disaster Recovery:
The duty of disaster recovery is also simplified thanks to many service providers
offering backup and logging functionality. With these protocols integrated into
standard practices, issues can be quickly identified and remedied without a team
needing to be on-site.
By implementing sound and well-thought-out cloud migration strategies,
companies can easily take advantage of reduced costs, scalable solutions, a secure
environment, flexible operations, and greater access to enhanced functionality.
Cloud Migration Strategies:
There are four primary migration strategy approaches that companies can use
when improving their operations.
Rehost:
Rehosting (also known as Lift and Shift) essentially takes an existing system and
transfers it to a cloud-based platform. By choosing an IaaS (Infrastructure as a Service)
provider, the organization recreates its application architecture on top of new
infrastructure.
This approach requires minimal intervention and refactoring, which makes it a
quick procedure. However, by opting to rehost, the company forgoes many benefits
derived from a cloud provider’s native applications.
Companies with low demands from their cloud operations or currently run on several
virtual machines can experience the greatest benefit from this route.
Rehosting may be the quickest method of cloud migration, with some providers
even offering automated tools, but it comes at the cost of optimization.
Refactor:
Refactoring shares similarities to rehosting. A business will reuse its existing
code and framework but will place it on a PaaS (Platform as a Service) instead of an
IaaS.
Revise:
Revising is a migration strategy that uses part of an existing codebase while
rewriting or expanding on it before moving it to either an IaaS or PaaS.
51
lOMoARcPSD|30731768
A company can maintain many of its applications, but with the added benefit of
cloud-native services, such as scaling or automation.
Replace:
The final migration strategy is the most drastic. Replacing is for a company to
scrap its entire current system and move over to a SaaS (Software as a Service)
platform. Replacing a system can be an enticing option for those who haven’t updated
their operations for some time or have invested little into their current systems.
Cloud Migration Deployment Methods:
Understanding the different cloud migration strategies is one part of the solution.
The other is deployment.
Hybrid Deployment:
A hybrid deployment sees a mixed combination of data centers across multiple
environments. Using this method, a company can have data centers on public clouds,
private clouds, or on-site locations.
While this method allows an organization to take advantage of cloud functionality, it
also requires more cohesive communication between the environments.
Multicloud Deployment:
Multicloud deployment sees operations spread across multiple public cloud
platforms. This method allows a company to mix and match applications from different
cloud providers while also offering redundancy and backup features.
Single Cloud Deployment:
Smaller businesses that only require a single cloud provider’s product line may
opt for single cloud deployment. While this may be the easiest deployment method for
cloud migration, it’s also the most limiting.
Understanding the Cloud Migration Process:
Several aspects need to be considered to know which migration strategy and
deployment method are best for a company.
Goals and Budget:
Only by knowing what a company wants can it measure to assess its
success.While this may be a challenging aspect to come to terms with, the costs
associated with migrations need to be offset by the Return on Investment (ROI).
Migration Strategy:
The migration strategy should act as a roadmap listing various milestones and
objectives to keep the plan on track. The plan must incorporate:
52
lOMoARcPSD|30731768
Realistic timelines
Accounting for variables and dependencies
Current cloud operational maturity
Validation of benefits to business application
5.Descibe the concepts of cloud capacity planning.
53
lOMoARcPSD|30731768
Make sure your quotas match your capacity needs. A quota is a specific
countable resource, like how many load balancers your projects can use
simultaneously. Your goal in your cloud capacity planning effort should be to
support business goals. You should be able to tell users what will happen with the
cloud in three to six months regarding cost, response time, and availability
Benefits of Cloud Capacity Planning:
A number of benefits from cloud capacity planning, including:
Reduction of Costs:
A strategic cloud capacity plan helps IT anticipate and plan for changes that
may affect cloud resource management. Your IT team can better control, track, and
adjust resource capacity, consumption, and related budgets or quotas when they
understand business priorities and plans.
Application Performance
Poor performance can lead to negative user experiences and increased
customer churn. As part of strategic cloud capacity planning, IT can find and fix
performance bottlenecks from systems and applications. Additionally, cloud
capacity planning helps you find cost-effective ways to achieve optimal
performance.
Agility
Your IT team can effectively plan for unforeseen spikes in demand using
historical data and usage patterns as part of effective cloud capacity planning.
Cloud Capacity Planning and Synopsys:
Cloud capacity planning can aid any organization that uses cloud computing
to improve performance. Chip makers and small businesses looking to leverage the
cloud for their chip projects can benefit immensely from cloud capacity planning.
Synopsys, EDA, and the Cloud:
Synopsys is the industry’s largest provider of electronic design automation
(EDA) technology used in the design and verification of semiconductor devices, or
chips. With Synopsys Cloud, we’re taking EDA to new heights, combining the
availability of advanced compute and storage infrastructure with unlimited access
to EDA software licenses on-demand so you can focus on what you do best –
designing chips, faster. Delivering cloud-native EDA tools and pre-optimized
hardware platforms, an extremely flexible business model, and a modern customer
experience, Synopsys has reimagined the future of chip design on the cloud, without
disrupting proven workflows.
54
lOMoARcPSD|30731768
55
lOMoARcPSD|30731768
Cloud capacity planning for your startup can sometimes feel like steering a
sailboat onto shore without a lighthouse. There can be lots of uncertainty and
guesswork that undermine your confidence.
1. Regularly review and adjust plans:
Cloud environments are dynamic, and your capacity plans need to be, too.
Regularly reviewing your current usage against your forecasts will help you identify
trends and make necessary adjustments.
2. Embrace automation and auto-scaling:
Modern cloud platforms offer auto-scaling features that automatically adjust
resources based on demand. This prevents your performance from dropping when
there’s a spike in traffic or user demands.
For example, DigitalOcean’s autoscaling dynamically adjusts your computing
resources based on the current workload. This helps you meet demands without
overpaying for what you don’t need.
3. Invest in monitoring and analytics tools:
Without data and analysis, you’re just guessing at your startup’s cloud
demands. Real-time monitoring provides insights into resource utilization, helping
in proactive adjustments—AKA making changes before something goes wrong.
Use DigitalOcean Monitoring and third-party analytics tools to get a comprehensive
view of your resource usage and performance metrics. This gives you a better
understanding of your capacity requirements.
4. Train and upskill your team:
A well-informed team can make better capacity planning decisions and
quickly address issues. Invest in training sessions, workshops, or online courses to
keep your team up-to-date with the latest cloud capacity management techniques.
5. Test different scenarios:
Simulating different usage scenarios can help you understand how your cloud
infrastructure responds to various loads. Periodically run stress tests or load testing
to simulate high-demand scenarios and see how your cloud resources cope.
6. Study workload patterns:
Different applications and services have varying usage patterns. Some might
experience steady traffic, while others have peak periods. Understanding these
patterns helps in making informed capacity management decisions.
For example, if performance drops on the weekends or holidays, you know
you might be experiencing increased traffic to your websites or applications.
56
lOMoARcPSD|30731768
57
lOMoARcPSD|30731768
PART-A
1.What are the types of pricing models in cloud computing?
2. Define Freemium.
3.What is meant by cost management?
4.What are the importance of cloud cost management?
5. Differentiate between Cloud Cost Management vs. Cloud Cost Optimization
6.Define CapEx :
7.List out the characteristics of CapEx expenditure:
8. What is OpEx in Cloud?
9.Write a short note on pay-per-use on model.
PART-B:
1.Explain in detail about the pricing models for cloud services.
2.Describe the concepts of Freemium.
3.Explain in detail about the cloud cost management.
4.Describe the cloud cost models.
5.Explain in detail about the Opex and capex.
PART-A
1.What are the types of pricing models in cloud computing?
Fixed Pricing Models
Pay-per-use Model
Pay-per-use Model
2. Define Freemium.
Freemium is a business model that works by offering a product or service free
of charge (like software, web services etc) while charging a premium for advanced
features and functionality.
3.What is meant by cost management?
58
lOMoARcPSD|30731768
59
lOMoARcPSD|30731768
PART-B:
60
lOMoARcPSD|30731768
Fixed pricing models are also called Static pricing models, due to the stability
of the price for a long time. The most famous service providers on the cloud such as
Google, Amazon Web Services, Oracle, Azure and others use fixed pricing models.
Fixed Pricing makes users aware of the cost of doing business and consuming
a resource. However, in the other hand this type of pricing is mostly unfair with the
customers because they can overpay or underpay for their needs. In addition, it is not
affected with the demand.
There are many fixed pricing such as “pay-per-use”, subscription, price list …
In this part I will talk briefly about these pricing models:
Pay-per-use Model
In this model, user only have to pay for what they use. Customer pays in
function of the time or quantity he consumes on a specific service. Amazon Web
Services (AWS) [13], Salesforce [19] as shown in Table 1 and Table 2 use this
model.
61
lOMoARcPSD|30731768
62
lOMoARcPSD|30731768
In this model, the service provider lists all prices and their details in one
table/list. In addition, it can be downloaded as a document (PDF). This model is used
by Oracle [15] as shown in Fig. 1.
FREEMIUM:
Freemium is a business model that works by offering a product or service free
of charge (like software, web services etc) while charging a premium for advanced
features and functionality.
What is the advantage of Cloud Computing Freemium Model versus the
traditional way
Traditionally, the software or the content had to be downloaded by the End
user. As the software is being installed on his / her computer by the End User, often
some keygen are being used to unlock them.
As in case of most Cloud Computing based applications – that is SaaS, the real
software is on the provider’s server and protected efficiently from being misused by
using various technologies, a trial is fully trial in when offered through Cloud
Computing infrastructure.
Current approaches of Freemium model in Cloud Computing:
Full access and usage for a limited period, often the user needs to verify the
Credit card. Rackspace Cloud and Amazon ECS can be the examples of Freemium
model in Cloud Computing.
Limited by the Capacity or the Features – Think of Free Cloud Storage and
Free Apps offered by Google.
63
lOMoARcPSD|30731768
64
lOMoARcPSD|30731768
technologies, and informing decisions about the workloads running in each cloud
environment.
Cloud cost management also helps you optimize resources to make the most
of them. Public cloud providers usually offer a cost management tool to help you
achieve this. However, specialized third-party cost management solutions offer
greater visibility and insights into cloud costs, allowing you to control spending and
implement good governance practices.
Cloud Cost Management vs. Cloud Cost Optimization:
Cloud cost management involves allocating and tracking cloud resources to
analyze and report cloud spending. Cloud cost optimization takes these insights to
help you understand how to minimize costs while maximizing business value.
Cloud cost optimization is not limited to cost savings—aligning costs with
business goals is also important. When revenue increases, increasing costs might not
be an issue.
Cloud cost growth often relates to indicators such as introducing new
customers and launching new features. However, these activities usually bring
higher returns. In software-as-a-service (SaaS) environments, higher revenues often
lead to higher profit margins and help attract investors.
Cloud Cost Models:
Given the volatility of supply and demand, cloud offerings usually have
dynamic cost models. A cloud cost model can be time-based, cost-based, or auction-
based, depending on several factors.
The three main cloud pricing approaches are value-based, market-based, and
fact-based. Demand drives value-based costing, supply drives fact-based costing,
and supply-demand balance drives market-based costing.
Many people are unaware of the many unique pricing structures available with
cloud computing. Understanding the different pricing options is important for
models choosing the right cloud cost model and determining how the CSP bills you.
Three main factors determine the cost of cloud computing services.
Compute—most cloud service providers (CSPs) offer different compute
instances with different memory and CPU features. They can also use
specialized hardware such as high-speed networking and graphics
acceleration. You pay based on each instance’s number, type, and usage
duration.
65
lOMoARcPSD|30731768
66
lOMoARcPSD|30731768
67
lOMoARcPSD|30731768
68
lOMoARcPSD|30731768
Prepaid/Fixed Subscriptions
In a subscription-based model, cloud customers pay for services upfront.
Subscription prices deliver a predetermined package of services for a specified
time. The longer the period, the lower the price.
Subscription pricing is common for cloud services that combine multiple hardware
and software elements, like platform as a service (PaaS) and software as a service
(SaaS). Most cloud providers also offer subscription-based pricing for customers
with high spend, allowing them to enter into a corporate discount plan, where they
commit to a certain level of cloud spend and receive a discount on some or all of
their cloud services.
Reserved Instances
Reserved instances allow companies to commit to cloud resources for a long
period of time, typically 1 or 3 years. The longer the discount, and the more the
company is prepared to pre-pay at the beginning of the period, the greater the
discount. A three-year term is usually the most cost effective. Cloud providers
typically offer discounts of 50-75% compared to pay-as-you-go rates for reserved
instances with the same capabilities.
Reserved instances are suitable for steady state loads and long running systems.
However, organizations should not use reserved instances for peak loads. Instead,
reserved capacity should be used for core components of the system, and additional
capacity required during peaks should be handled using pay-as-you-go or spot
instances (see below).
AWS Savings Plan
Similar to reserved instances, Savings Plans are a flexible pricing model that allows
organizations to enjoy lower than on-demand pricing, in exchange for a one-year or
three-year specific usage commitment. The commitment is expressed in terms of
spend per hour on Amazon services.
AWS offers three types of Savings Plans:
Compute Savings Plans – apply to all usage of Amazon compute services
usage, including EC2, AWS Lambda and Fargate.
EC2 Savings Plans – applies only to usage of Amazon EC2 instances.
SageMaker Savings Plans – applies only to SageMaker usage.
Savings plan offer three payment methods:
No upfront – does not require an upfront payment, bills customers according
to actual usage each month. This grants the minimal savings plan discount.
69
lOMoARcPSD|30731768
Partial upfront payment – with this option, more than half of your contract
is prepaid and the rest is billed monthly, which grants an additional discount.
Full upfront payment – the full commitment is paid upfront, which grants the
deepest discount.
Spot Instances
Spot instances are usually the lowest-cost computing option, offering discounts of
up to 90% compared to pay-as-you-go rates. Spot instances are used by cloud
providers to sell off spare capacity. The discount comes with a catch—spot
instances can be interrupted at very short notice.
Ordinarily, spot instances can only be used for workloads that are stateless, fault
tolerant, or processes that can be stopped and restarted. Cloud optimization
technology like Elastigroup from Spot by NetApp can help you leverage spot
instances for demanding, mission critical workloads as well.
Learn more in our detailed guide to cloud cost models
70
lOMoARcPSD|30731768
Datacenter renovation
Restoring an asset's value through upgrades
Repurposing an asset
Setup and supporting infrastructure costs
Repairs beyond routine maintena
Characteristics of CapEx expenditure:
The key to determining capital expenditure is to observe distinct concepts,
such as where they should be accounted for and how they should be taxed.
Here’s how.
Long-term - Procured to provide benefits past the current tax year.
Many assets, such as buildings, patents, and computers, remain
economically viable for decades.
Approval - The process involves a lot of long-term planning,
including forecasting future demand versus potential returns in
advance. So, CapEx-based IT spending often takes a lot of time to
approve.
Ownership - Once you clear the payment, you take full ownership of
the tangible or intangible asset. You can finance the purchase with
debt, savings, or retained profits.
Responsibility - As the owner of the asset, you are in charge of all
aspects of it, such as security, updates, upgrades, repairs,
maintenance, and training employees. In addition, you decide who,
what, and why to use the asset.
Upfront cost - You pay for them in advance — before using them.
Most CapEx projects are one-time investments, only requiring
updates, upgrades, or replacements every five to ten years.
High-ticket - Capital expenditure often covers assets, which can be
costly to acquire but are essential for starting, running, and
maintaining a business.
On-premises - Most CapEx spend is often for physical, fixed assets
that you will install, run, and maintain on-premises or within a
physical data center.
Tax treatment - Intangible assets are amortized over time, whereas
physical assets are depreciated over their lifetime. So, you do not
claim CapEx costs in their entirety the same year you incur them.
71
lOMoARcPSD|30731768
Financial reporting - While some capital expenditures are fully expensed the
same year you make them, they usually go into the balance sheet as assets, not
expenses. Only a percentage of it goes on the profit and loss statement (as a
depreciation expense on an ongoing basis).
72
lOMoARcPSD|30731768
PART-A:
73
lOMoARcPSD|30731768
74
lOMoARcPSD|30731768
PART-B:
1.Explain in detail about the IT Governance.
IT governance definition:
IT governance is an element of corporate governance, aimed at improving the
overall management of IT and deriving improved value from investment in
information and technology.
IT governance frameworks enable organisations to manage their IT risks
effectively and ensure that the activities associated with information and technology
are aligned with their overall business objectives.
Important of IT governance:
IT governance enables an organisation to:
Demonstrate measurable results against broader business strategies and goals.
Meet relevant legal and regulatory obligations, such as those set out in
the GDPR (General Data Protection Regulation) or the Companies Act 2006.
Assure stakeholders they can have confidence in your organisation's IT
services.
Facilitate an increase in the return on IT investment; and
Comply with certain corporate governance or public listing rules or
requirements.
Corporate governance:
Corporate governance is "a toolkit that enables management and the board to
deal more effectively with the challenges of running a company. Corporate
governance ensures that businesses have appropriate decision-making processes
and controls in place so that the interests of all stakeholders are balanced.”- ICSA,
The Governance Institute.
A robust corporate governance framework can help you meet the requirements
of laws and regulations such as the DPA (Data Protection Act) 2018 and the GDPR.
For instance, the GDPR requires data controllers and processors to
demonstrate their compliance with its requirements through certain documentation,
including relevant logs, policies and procedures.
75
lOMoARcPSD|30731768
Harnessing the elements of IT governance will help you create and maintain
appropriate policies and procedures to help meet your data privacy requirements.
IT governance frameworks, models and standards:
ISO 38500 – The international IT governance standard:
ISO/IEC 38500:2015 is the international standard for corporate governance of
IT.
It sets out principles, definitions and a high-level framework that organisations of
all types and sizes can use to better align their use of IT with organisational decisions
and meet their legal, regulatory and ethical obligations.
Buy a copy of ISO/IEC 38500:2015
As well as ISO 38500, there are numerous widely recognised, vendor-neutral
frameworks that organisations can use to implement an IT governance programme.
Each has its own IT governance strengths – for instance, COBIT focuses more on
process management and ITIL on service management – but you might benefit from
an integrated approach, using parts of several frameworks to deliver the results you
need.
Follow the links below to find out more about each framework.
ITIL – IT service management:
Widely adopted around the world, ITIL is a framework for ITSM (IT service
management). Its latest iteration, ITIL 4, was launched in February 2019.
ITIL is supported by ISO/IEC 20000-1:2018 – the international standard for ITSM
against which organisations can achieve independent certification.
Learn more about ITIL
Browse ITIL products
COBIT:
COBIT (Control Objectives for Information and Related Technology) is an
internationally recognised IT governance control framework that helps
organisations meet business challenges in regulatory compliance, risk management
and aligning IT strategy with organisational goals.
COBIT 2019, the latest iteration of the framework, was released in November 2018.
It builds on COBIT 5, introducing new concepts and addressing the latest
developments affecting enterprise IT.
76
lOMoARcPSD|30731768
77
lOMoARcPSD|30731768
78
lOMoARcPSD|30731768
79
lOMoARcPSD|30731768
80
lOMoARcPSD|30731768
81
lOMoARcPSD|30731768
82
lOMoARcPSD|30731768
When the peak is over, you go back to operating at your normal capacity at no
additional cost. While you may incur a larger monthly cloud bill at peak, you will
experience no downtime nor would you need to maintain redundant infrastructure
when the surge is over.
Comparing On-Premise TCO To Cloud TCO:
At the end of your cloud TCO analysis, you should have specific numbers that
can help with your decision-making. A few things should guide understanding of
the results:
1. Cloud computing is not inherently cheaper than an on-premise model.
2. Cloud adoption is rarely about pure cost savings. Often the end result is a
larger ROI and better business outcomes, not lower TCO, even though it
could be both.
3. Comparing the business value and opportunity cost of switching to the cloud
versus using an on-premises model is just as important as comparing head-
to-head costs.
4. Identifying cost savings and e fficiencies is critical when performing a cloud TCO analysis.
83