1 / 10

Gartner G-Cloud Service Definition

Gartner G-Cloud Service Definition. Cloud Consulting — Fast Track Cloud Security Review. For further information on Gartner support for Cloud initiatives visit: http://www.gartner.com/technology/research/cloud-computing/services.jsp.

zahir-melendez
Télécharger la présentation

Gartner G-Cloud Service Definition

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Gartner G-Cloud Service Definition Cloud Consulting — Fast Track Cloud Security Review For further information on Gartner support for Cloud initiatives visit: • http://www.gartner.com/technology/research/cloud-computing/services.jsp

  2. Gartner Service Definition —Fast Track Cloud Security Review Service Description Gartner will provide a High Level assessment of an organisation’s Security and Risk Management Governance, Processes and Technologies related to outsourcing your ‘business’ processes to cloud solutions or services. It includes the measurement and prioritisation of gaps, risks and high level recommendations. This methodology is designed for a security team to assess the suitability and attendant risks and controls of outsourcing a business processes, functions or workloads into a cloud based service. This will be achieved through: • An assessment of the expectations the organisation has regarding application manageability, security, performance, reliability and risk management in the cloud • Communication of security programme findings, risks and any gaps specifically as related to the proposed customer workloads to move workloads (or not) to the cloud • The development of high level actionable recommendations for this environment, including: • Governance, • Data protection • Identity and access control • Federation to reduce the overall risk to the business Price • Gartner will charge a firm fixed price of £56,056 excl. VAT, incl. all expenses for this service Key Deliverables Fast Track Cloud Security Assessment that provides: • Kick-off meeting to set requirements, expectations, scope and schedule • Interview schedule and minutes for a maximum of 10 interviews over three calendar days with key stakeholders to identify drivers and assess proposed workloads and existing Security governance, programs and technologies • Provide an initial draft report with an Executive Summary describing key findings, risks and gaps • Delivery of a one day workshop to validate the findings of the initial report • Final report including gaps, findings, risks and actionable recommendations (PowerPoint Format) Key Benefits The Fast Track Cloud Security Assessment provides: • Client security teams to be able to rapidly assess threats and deploy appropriate controls to make sound decisions and mitigate risks • Clients will be able to exploit Gartner research, benchmark materials and our Security Reference Architecture in order to inform and accelerate architectural and programme design • Reduce risks to the business by remediating gaps in the security business and functional landscape • Enable security teams to reduce the time to perform security assessments on workloads that are being considered for outsourcing to cloud based services

  3. Gartner Service Definition —Fast Track Cloud Security Review Gartner Project Team Roles Project Schedule • Gartner anticipates completion of this engagement within four weeks Client Project Team Roles • Project Sponsor • Project Manager • Key stakeholders, technical and business Project Benefits The client’s security team will be able to: • Rapidly assess risk and deploy appropriate controls to make sound decisions and mitigate risks • Reduce the time to perform security assessments on workloads that are being considered to be outsourced to the cloud Project Approach • Week 0: Initiation & Plan Rapid Cloud Security Assessment: • Review project team structure and overall status and schedule team review sessions • Week 1 to 2: Conduct Rapid Cloud Security Assessment: • Request and provide deliverables to be reviewed • Conduct interviews with key stakeholders, review appropriate deliverables and capture findings • Week 3: Develop Cloud Security Assessment report: • Develop an initial draft of Report with an Executive Summary describing key findings, risks and gaps • Delivery of a Workshop to validate report findings • Week 4: Finalise and Present Cloud Security Assessment report: • Final Report including Gaps, Findings, Risks and actionable Recommendations (PowerPoint Format) • Present report to key stakeholders

  4. Gartner Service Definition —Fast Track Cloud Security Review Reasons Why Others Use Gartner • Gartner created the IT Research industry 32 years ago, and our reputation speaks for itself. Gartner Research is the only IT research informed by both the technology end user and provider’s perspectives. We use our research as the basis for our Consulting solutions, methodologies and tools; and we leverage our research and our industry‑leading analysts, as needed, throughout our Consulting engagements. So, when our clients buy Gartner Consulting, they are buying Gartner Research • Articulating a clear ICT Value Proposition that is framed such that cloud opportunities are highlighted appropriately is a foundational pillar in approving and executing change. Without evidenceto secure informed consent to an updated ICT Value Proposition there is a danger that Cloud opportunities are missed, or pursued for inappropriate reasons • A clear view of what changes to make to ensure the organisation is better able to recognise, evaluate, decide and execute on Cloud initiatives (and the rationale for making such changes) Prerequisites • There are no prerequisites for this service Any Additional Information • There is no additional information related to this service

  5. Gartner Service Definition —Fast Track Cloud Security Review Assumptions • The client will designate a project manager as primary point of contact who will work closely with Gartner as needed and will: (a) approve priorities/task plans/schedules; (b) facilitate scheduling of interviews with personnel; (c) notify Gartner in writing of project issues and assist in their resolution • Client will review and approve documents within five business days. If no formal approval/rejection is received within that time, the deliverable is considered accepted • Client personnel will be made available per the schedule agreed in the kickoff meeting • The due diligence (as‑is) data are reasonably available via interviews and documentation review • Client provides timely access to personnel to be interviewed. These personnel will be able to answer questions, provide documentation and attend sessions • Project pricing assumes that Gartner will conduct 10 interviews and 1 workshops (1 days) over a period of 10 days and that the client will arrange all sessions with the client’s personnel • All data collection/interviews/workshops will take place via phone or in person as agreed at the project kickoff • With the exception of meetings and workshops, Gartner work will be performed at Gartner locations • Offices, phones, printing/copying and Internet access will be available to Gartner at client locations • Gartner will use Microsoft Office for the production of any engagement documentation • Any requests for additional information and/or deliverables(beyond the details described in this service definition) that are made will be considered a change in scope and will be handled accordingly (see Changes to Scope). This does not apply to clarification questions Changes to Scope • The scope of the engagement is defined herein. All client requests for changes must be set forth and explained in writing. As soon as practicable, Gartner shall advise of the cost/schedule implications of requested changes and any other necessary details to allow both parties to decide whether to proceed with the requested changes. The parties shall agree in writing upon any requested changes prior to Gartner commencing work • As used herein, “changes” are defined as work activities or work products not originally planned for or specifically defined by this service definition

  6. Gartner Service Definition —Fast Track Cloud Security Review Information Assurance • Gartner possesses analysts and consultants with various security clearances, or we will, within reason, acquire those clearances as the client demands • Gartner associates are bound by very specific rules around client confidentiality and security given that our clients reveal to us their greatest challenges and difficulties in order that we can help and support them most effectively Data Restoration • No client data is retained by Gartner as part of the client’s access to this service and therefore there is no data restoration process related to this service Backup Restore and Disaster Recovery • The Gartner service under discussion does not require Gartner to manage or store any critical client data. Therefore, as there is no risk to the client and no break in service that will affect the client experience, there is no applicable policy needed in relation to this specific issue Service Migration • There is no need for a Service Migration plan given the nature of the service under discussion. The client is able to complete and conclude the service without any ongoing process being required for transfer of service or information to an alternative provider or successor. At the conclusion of the service described all deliverables and any supporting information is handed over to the client

  7. Gartner Service Definition —Fast Track Cloud Security Review Onboarding • Gartner does not offer onboarding services, however, Gartner will hold a kickoff meeting with the client to ensure understanding of the engagement objectives, scope, schedule, and milestones, roles, responsibilities and required resources for Gartner and the client. Gartner will also discuss anticipated risks and mitigation plans, based on lessons learned from past experience. Gartner will gather any relevant background material from the client Offboarding • Gartner does not offer offboarding services, however, Gartner will close down the engagement, upon conclusion, ensuring all necessary skills and information are transferred appropriately and in a timely manner to the client

  8. Gartner Service Definition —Fast Track Cloud Security Review Pricing • Gartner will charge a firm fixed price of £56,056 excl. VAT, incl. all expenses for this service Financial Recompense Model • if a Service does not meet the specifications set out in the applicable Service Description, the breach will be handled in accordance with the Liability and Termination terms set out in the Call-Off Agreement Ordering and Invoicing Process • Gartner will bill for 100% of the professional fees at contract signing • All invoices are payable net 30 days from date of invoice. While Gartner does not itemise billing for professional services, Gartner agrees and will comply with any reasonable requests for records substantiating our invoices Termination Terms (by Consumer/by the Supplier) • Services may be terminated without cause by the Customer on at least thirty (30) Working Days notice

  9. Gartner Service Definition —Fast Track Cloud Security Review Service Management • This is not applicable to this service. The service will be managed as described under the Statement of Work component of this Service Definition Service Constraints • This is not applicable to this service Service Levels • This is not applicable to this service

  10. Gartner Service Definition —Fast Track Cloud Security Review Training • Gartner will provide Cloud Security Strategy and general project management coaching to the client's cloud transformation project manager Consumer Responsibilities • Provision of the necessary resources, systems and documentation for review • Responsible for managing logistics on client’s site for the duration of the engagement • Assign a client Project Manager to work as a single point contact between the Gartner team and the client • Identify the right people for the interviews/workshops, schedule and communicate the intent of the engagement • Provide facilities for workshops and Gartner workspace • Collate and send all relevant data prior to the meeting • Ensure attendance at kickoff meeting and any subsequent interviews and meetings by Project Sponsor, Project Manager and other key stakeholders, as determined prior, during and post kickoff Trial Service • Gartner does not offer a trial service option in relation to this service Technical Requirements • Gartner will require access to: • Any information requested (some may be potentially sensitive) regarding the cloud transformation project electronically and/or in paper format • Organizations overall IT Security infrastructure and key applications information electronically and/or in paper format

More Related