CSC’s statement on the guidelines for public administration regarding the location and management of information

CSC supports the drafting of the guidelines for public administration and their objectives. CSC emphasizes that attention must be paid to the interoperability of systems when conducting cloud service procurements. On technical level this means taking into account the interoperability of data transfer and API technologies. In addition to technical interoperability, the semantic approach, e.g. the commensurability of information, should be kept in mind.

CSC emphasizes that in addition to challenges listed in the proposal draft, following aspects should be taken into account in cloud service procurements:

• Exit-process: How information is restored from a cloud service if service provider changes?
• How to avoid a vendor-lock in, i.e. dependency on single cloud service provider's technology?
• Skills and know-how: Are there enough skilled workforce in the organisation? If not, how sufficient knowhow is ensured? Is there e.g. a possibility to get expert support?
• Costs: How do costs differ in the long term in different service models?

In the proposal the ministry states that "risk management stands out when using cloud services". CSC reminds that it is important to list ways to prepare for the risks and describe actions which should be taken into account before conducting cloud service procurement.