Institutional and Procurement Practice Note on Cloud Computing
Institutional and Procurement Practice Note on Cloud Computing
Published
2023-03-16
Author(s)
World Bank
Abstract
Despite widespread awareness on the
benefits of cloud computing, authorities in most of the
World Bank’s client countries have not explored the
opportunity of adopting cloud computing solutions. Task
teams are finding it difficult to provide relevant advice to
the counterparts and address their concerns. Most
authorities have identified risks of moving to cloud
computing: Will their data be safe? Will they have sovereign
control over access to data stored offshore? Will privacy be
protected? These risks are real. Due to an inadequate
assessment framework to identify and assess these risks, the
typical response of most client governments is to develop a
government’s cloud (G-Cloud or GovCloud). This seems logical
for more sensitive or mission critical data. However, this
is not enough. Adopting a hybrid cloud model, which
leverages the cloud services from the private sector to work
in conjunction with the G-Cloud can offer immense
opportunities to save costs, improve security, enhance
performance, and strengthen resilience in a post COVID-19
world. However, client governments need guidance to change
their policy response on cloud computing - from the
risk-avoidance to the one of risk-management. This note
provides guidance on institutional and procurement
arrangements and risk mitigation methodology for acquiring
and managing public cloud solutions using a
whole-of-government approach.
Citation
“World Bank. 2023. Institutional and Procurement Practice Note on Cloud Computing: Cloud Assessment Framework and Evaluation Methodology. Equitable Growth, Finance and Institutions Insight - Governance. © Washington DC. http://hdl.handle.net/10986/39549 License: CC BY-NC 3.0 IGO.”