IT Governance, Risk, and Compliance


November 27, 2010  3:30 AM

Open Source Hardware and Software Licensing – Part III

Robert Davis Robert Davis Profile: Robert Davis

“Collectively, the term IT hardware describes all equipment necessary to enable IT services utilization. Yet, each hardware configuration item may have distinct operational characteristics and controls.” Therefore, as with any critical IT development, representatives from information security and IT audit should be considered key project participants. Information security’s primary role in an open source hardware development project is to ensure appropriate safeguarding mechanisms are deployed. Whereas, IT audit’s primary role in an open source hardware development project is to assure adequate preventive, detective, and/or corrective controls are implemented.

View Part I of the Open Source Hardware and Software Licensing series here

November 23, 2010  7:03 PM

Open Source Hardware and Software Licensing – Part II

Robert Davis Robert Davis Profile: Robert Davis

Open source IT hardware are physical configuration items designed and usually offered under the same terms as other open source products. Utilizing this premise, an open source IT hardware development project can apply similar open source value concepts during construction and deployment of IT infrastructure components. In particular, depending on the approach applied to open source IT hardware development, a hardware engineer can create a digital device customized to the exact needs of the user — even if the demand for the device is limited. Beneficially, information regarding the IT hardware of interest is typically easy to discern. In addition, when an IT hardware design is published as open source, project participants can: learn from the root documents, improve on the presented engineering concepts or second-source device development.

View Part I of the Open Source Hardware and Software Licensing series here


November 18, 2010  5:27 PM

Open Source Hardware and Software Licensing – Part I

Robert Davis Robert Davis Profile: Robert Davis

In an attempt to control and/or reduce IT costs many entities have turned to open source development as a preferred alternative method for constructing new products. Open source products can be described as the practices in the development process promoting access to root materials of a forecasted result. Typically, the open source development process removes restrictions on root material distribution and utilization to produce the desired outcome. Most open source licenses allow the source material to be redistributed, without restriction, under the same terms of the original agreement when development work is sub-contracted to a third party. In contrast, proprietary products are licensed under the exclusive legal right of its owner and generally remiss of transferability.


November 16, 2010  12:03 AM

Service Level Management of Cloud Computing – Part VIII

Robert Davis Robert Davis Profile: Robert Davis

Generally, cloud computing clients do not own the physical infrastructure, logical infrastructure or applications accessed by authorized personnel. Instead, clients avoid capital expenditures through leasing usage from the third-party provider. Service consumption payment plans are typically based on utilization and/or subscription rates defined in the third-party provider’s business model; where leasing arrangements can reflect block time, remote batch, or timeshare costing techniques. Nevertheless, entities that acquire cloud computing services should employ sound IT service management systems, processes, activities, and tasks to ensure defined QoS as well as financial expectations for selected third-party configurations are fulfilled.

View Part I of the Service Level Management of Cloud Computing series here


November 12, 2010  4:52 AM

Service Level Management of Cloud Computing – Part VII

Robert Davis Robert Davis Profile: Robert Davis

Commercial cloud computing vendors are expected to meet achievable QoS requirements, and if the entity is vigilant, sign legally binding SLAs promoting expectation fulfillment. To ensure effective SLAs, OLAs must be defined and developed prior to deploying any cloud computing service. These OLAs should cover expectations that assist the entity’s IT organizational structure in services delivery and contractual negotiations.

Commonly, OLA utilization requires explaining how services will be technically delivered to support the SLA(s) in an optimal manner — with provisions for timely updating related to service quality. Consequently, an OLA should specify technical processes in terms meaningful to the cloud computing provider, and can support several SLAs.

View Part I of the Service Level Management of Cloud Computing series here


November 8, 2010  8:32 PM

Service Level Management of Cloud Computing – Part VI

Robert Davis Robert Davis Profile: Robert Davis

SLR recording dictates identifying performance as well as capacity requirements and placing them in a SLM registry. These SLRs can encompass:

  • Scalability
  • Maintainability
  • Reliability
  • Availability
  • Performance
  • Security

During the initial cloud computing acquisition phases, an IT architect should define the QoS measurements for each of the SLRs.  Furthermore, an entity’s IT clients should agree on: guidelines for dealing with reported problems that may require extended timeframes to resolve as well as information detailing the impact of problems on business processes, other IT configurations and service users.

View Part I of the Service Level Management of Cloud Computing series here


November 4, 2010  5:13 PM

Service Level Management of Cloud Computing – Part V

Robert Davis Robert Davis Profile: Robert Davis

To enable SLM, customers as well as internal and external suppliers should be identified and managed. For most service providers, cloud computing infrastructure consists of services delivered through central sites utilizing configured servers. Whereby, IT services often appear as single access points to clients.

Descriptively, establishing sound SLM necessitates clear service specifications and interfaces defined with customers (Service Level Requirements (SLRs)). Furthermore, internal Operational Level Agreements (OLAs) and contracts with external suppliers will facilitate adherence to negotiated SLAs.

View Part I of the Service Level Management of Cloud Computing series here


November 1, 2010  5:39 PM

Service Level Management of Cloud Computing – Part IV

Robert Davis Robert Davis Profile: Robert Davis

SLM can be considered QoS monitoring and management based on key performance indicators (KPIs). QoS KPIs can range from generic availability and usage statistics to entity-centric per-interaction indictors. Adequate SLM requires potential problems identification — such as gradual performance degradation — and alerts creation enabling downtime risk minimization. Consequently, SLM practices should include comparing actual performance to pre-defined expectations, determining appropriate actions and generating expressive reports to permit service improvement.

View Part I of the Service Level Management of Cloud Computing series here


October 28, 2010  3:11 PM

Service Level Management of Cloud Computing – Part III

Robert Davis Robert Davis Profile: Robert Davis

Usually the rapid growth of virtualized resources across multiple domains begets heightened IT service delivery expectations. To reconcile this perspective, management normally insists on increased quality, functionality and ease of use; decreased deployment time; and continuously improving service levels — with multilateral cost containment or abatement.

For the entity’s IT service delivery personnel, business expectations generally translate into providing appropriate SLM of cloud computing. Typically, SLM is considered the primary IT managerial area that ensures promised services are delivered when and where expected at agreed-upon cost. As with most managerial endeavors, there should be a well formulated plan. Consequently, assisting in actualizing expectations for SLM processes is the Service Quality Plan (SQP) addressing specific managerial objectives.

View Part I of the Service Level Management of Cloud Computing series here


October 25, 2010  3:00 PM

Service Level Management of Cloud Computing – Part II

Robert Davis Robert Davis Profile: Robert Davis

IT assets are complex to manage and continually change due to the nature of technology and changing business requirements. Effective life cycle management of hardware, software licenses and service agreements; as well as permanent and contracted human resources are critical success factors (CSFs) not only for optimizing the IT cost-base, but also for managing changes, minimizing service incidents and assuring a reliable quality of service (QoS).

As suggested by International Business Machines (IBM), cloud computing enables entities to provision reliable, on-demand services in a flexible and affordable manner; thus, offering the benefits of open standards, scalable systems and service oriented architecture. However, there are potential challenges associated with managing a cloud environment, including:

  • rapid growth of virtualized resources across multiple domains
  • linkage of dynamic resources to underlying IT infrastructure
  • operational monitoring and problem determination across the physical and virtualized infrastructure

View Part I of the Service Level Management of Cloud Computing series here


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: