Qld auditor to target govt's management of cloud partners

By

Making sure agencies are ready for 'cloud first'.

Queensland's state auditor will investigate the public sector's management of cloud computing service providers over the coming year following the government's introduction of a cloud-first mandate for IT buying.

Qld auditor to target govt's management of cloud partners

Last May Queensland became the first Australian government to require its agencies to consider cloud-based solutions as the default option in any new IT procurements.

To keep an eye on progress, the Queensland Audit Office this week revealed it would examine how government agencies are handling the management of cloud computing services.

The government watchdog published its proposed auditing schedule out to 2018 [pdf], revealing that during 2015-16 it will conduct an investigation into the "design, implementation, security and operating effectiveness of the management of ICT service providers for cloud computing".

"Cloud computing can be relatively easy to set up and fund," the QAO wrote.

"However, inadequate considerations of fit for purpose (sic), risk management and long term strategy could leave agencies with few or costly exit options in the event of unsatisfactory performance of the service providers or changes in agencies’ requirements."

Such management shortfalls have been blamed for Queensland Health's bungled payroll project [pdf], which will now cost an estimated $1.2 billion to rectify and complete.

The Queensland Audit Office said government agencies needed to have a "robust risk assessment and management approach for the ICT services provided by external providers".

"For the implementation of cloud computing, this includes balancing the security, scalability and value for money of public and private clouds," it said.

"A more secure but more expensive private cloud is restricted to a single enterprise. The public cloud provides scalability options but adopts ‘one size fits all’ for all enterprises sharing the infrastructure.

"Some risks in relation to public clouds include security, data and system integration, data and system portability, viability of the service provider, ICT governance and service level agreements."

The QAO's report is expected to be tabled before the end of 2016.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
merchantpaymentsoftwareverifonewestpac

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

Orica to set new workforce systems live in Australia in July

Orica to set new workforce systems live in Australia in July
Lion builds an app to detect its beers on tap in venues

Lion builds an app to detect its beers on tap in venues
ANZ Institutional readies go-live for "multi-agent chatbot" amie

ANZ Institutional readies go-live for "multi-agent chatbot" amie
Victoria Police refreshes online reporting

Victoria Police refreshes online reporting
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?