Seite 79 - Cloud Migration Version 2012 english

79 
Figure 5: Cloud service provisioning 
Measures to prevent 'Cloud risks'  
Main criteria for the Cloud services supply chain from production to user: 
1.
Availability 
2.
Confidentiality 
3.
Integrity 
4.
Contractual and legal assurance 
Contractual and legal assurances are dealt with elsewhere in this book. 
Criteria 1 to 3 above are, however, operative IT qualities which must be set 
down with the supply chain partners in a Service Level Agreement in 
addition to the contractual points. 
Among other important factors, Cloud providers will also vary in the degree 
to which the provisioned qualities can be verified. It is exactly this evidence 
of service reliability that provides the Cloud user with the information he 
needs in his cockpit to stay the course in these 'cloudy conditions'.  The use 
of measuring instruments and targets is mandatory in this regard for 'supply 
chain' controllability and, just like a commercial pilot flying a Boeing from 
London to Los Angeles, to check the readout and compare it with the 
programmed flight course on a constant basis. 
Audit evidence and certificates from recognised and reliable certification 
centres can be a big help in this regard. These centres test the reliability of 
the Cloud providers for users by performing mandatory and repeated audits,