ICT refresh points will act as a trigger for Federal agencies to evaluate the possibility of cloud services, according to the new Federal Cloud Computing Policy, released on 8 October.
The co-launch of the Australian Government Cloud Computing Policy by three Australian Government ministers is a rare ICT event and indicates the depth of support the ‘consider cloud first’ approach has across the Coalition Government.
The Coalition made the use of cloud a central tenet of its September 2013 pre-election E-Government Policy. Despite this, it has taken just over a year for this key element of their election platform to be formally adopted.
The Cloud Policy was announced by Attorney-General George Brandis, Minister for Finance Mathias Cormann and Minister for Communication, Malcolm Turnbull in a joint media release.
“Government departments and agencies are now required to consider cloud first where it is appropriate for their ICT requirements”, the release states. Government corporations are not required to comply with this Policy.
The decision making process for agencies considering cloud and other outsourced ICT arrangements has been streamlined, the media release states.
The Policy makes it mandatory for agencies to consider the adoption of cloud services but provides some qualifiers including that the cloud solution must be ‘fit for purpose’, offer ‘best value for money’ and meet the security requirements of the Protective Security Policy Framework.
It contains specific requirements to move testing and development functions to public cloud arrangements.
Agencies must also evaluate “private, community, public or hybrid cloud services” for other operational systems, and consider opportunities for cross-entity or portfolio cloud services.
The ICT refresh points that will act as a trigger for evaluating cloud services include scheduled systems replacements, planned upgrades, pilots and capabilities that are used periodically.
A number of activities are underway which are reliant upon the clarification the Cloud Policy now provides:
- A trial to relocate critical data to a secure government cloud using automated tools in December 2014 or January 2015;
- A Request for Tender (RFT) to establish a non-mandatory Whole of Government (WofG) Cloud Services Panel;
- The release of a Resource Management Guide to support agencies in adopting cloud services in line with the Policy, expected to be issued in late 2014.
The cloud first position of the new Policy is a radical turn-about from the former Labor Government’s requirements for double ministerial sign-off for any proposal to host sensitive data off-shore. Abolished in September 2014, this previous policy created a marked environment of overall hesitancy by Federal agencies to adopt cloud solutions.
The Federal Government’s slow take up of cloud solutions to date has put it well behind Queensland, NSW and Victoria, which have already adopted a cloud-first approach to ICT procurement:
- The Queensland Government entered a contract with Microsoft, for Microsoft Office 365 email-as-a-service solution for use as a non-mandatory Whole of Government solution in April 2014;
- The NSW Department of Trade and Investment implemented SAP ERP-as-a-service in 2012 and Google Apps email-as-a-service in 2013, and approached the market for infrastructure-as-a-service for its test and development functions in September 2014;
- The NSW Department of Family and Community Services procured cluster-wide email-as-a-service from Fujitsu in July 2014; and
- The Victorian Department of State Development, Business and Innovation moved its CRM systems to the Salesforce Sales Cloud in 2011.
A potential future step for simplifying public sector cloud procurement is the adoption of a cloud services catalogue similar to the UK’s CloudStore, which offers streamlined pay-as-you-go Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Specialist Cloud Services (SCS) to Government agencies.
These same categories are the ones to be used by the Whole of Government Cloud Services Panel, currently the subject of an Approach to Market.