To get as sound as a cloud as this, the Queensland government will have to heed the Auditor’s warnings. Image: pattys-photos
Now that all the hype about cloud computing has finally blown over, and governments have secured it into their procurement line up and everyday use, the time has finally come for to have a look at how they’ve managed to use these once elusive systems and how they’ve benefitted everyone.
In a report tabled from the Queensland Audit Office (QAO), the state government’s internal use of cloud computing has come under scrutiny, with a hard look at the Queensland Government Chief Information Officer’s (QGCIO) cloud computing strategy and implementation model created in May 2014.
In this report, the QAO examined how well departments are adopting the Queensland cloud computing strategy in modernising their ICT assets and services to deliver business value while managing risks.
And according to the QAO, the government’s use of this so-called “disruptive” technology is widespread with a recent scan of the Queensland government gateway identifying more than 2,000 instances of cloud solutions in use.
However the audit firmly warned that Queensland government departments face a big problem when assessing their existing cloud solutions because there are so many, coupled with the fact that they are in the early stages of adoption.
The report said “they are also not aware of all of the cloud solutions in use by their agencies as they do not have mechanisms to monitor user-initiated cloud computing”.
“Without knowledge of all cloud solutions, they risk leaving government information insecure,” according the report.
It recommended that departments now need to take a more strategic approach to access where cloud can add the most value, and to address the people, process or technology change activities that are required if the objectives of the ICT strategy are to be realised.
The report warned that failure to do so will limit their abilities to benefit from cloud and other emerging technologies and may result in high cost ICT environments, more operational risks, an inability to keep up with citizen expectations of service delivery, and continued risk around ageing systems.
Another point of interest in the report is the procurement of cloud services.
It said that the DSITI has established two panels to support departments to procure their cloud services, but cannot demonstrate that these panels are providing value for money.
“This is because they have not tracked the cost of establishing the panels, and do not have the data or processes to identify departments that use the panel for their cloud procurement,” the report said.
“Consequently, DSITI is unable to identify the financial benefits of the panels or to forecast the usage for cloud services. Rather, it relies on the vendors to provide it with information about the use of the panels.”
