Infocomm Development Authority (IDA) of Singapore announced the unveiling of the new Cloud Outage Incident Response Guidelines which impact plans for Business Continuity Management and Disaster Recovery.
“IDA, together with the representatives of DSTA, ACCA, ITMA, SCS, and SITF, formed a working group in September 2013 …After two years of discussion, scoping and development, the guidelines are completed,” stated IDA Assistant Chief Executive & Chief Data Officer, Mr Khoong Hock Yun.
The creation of these guidelines were driven by the need to prepare for the event of cloud outages. The COIR guidelines frame out four tiers of responses that are based on the expected impact of outages:
Tier A – Systemic/Life-Threatening Impact (E.g. Airplane traffic controls industry): This concerns cloud services which host functions that directly impact human safety, economic stability, or industries at large.
Tier B – Business Critical Impact (E.g. Payment gateways): This concerns cloud services which host functions critical to organisation’s operations, where outages impact the business brutally.
Tier C – Operational Impact (E.g. Corporate emails):
Tier D – Minimal Impact (E.g. General information websites):
Through these guidelines, cloud service providers (CSPs) may articulate the scope and scale of resilience offered by their cloud solutions.
CSPs may then put a plan in place for communications plans, mobilisation of emergency resources, prioritisation of restoration efforts, and implementation for course of notifying other parties regarding the outages.
These guidelines come at a time when they are needed most, as public and private sector organisations are considering cloud solutions as the way forward.
“Major cloud outages across the globe have driven home the need for clear guidelines and contingency plans on the part of both enterprise user and CSPs, even as the world moves towards a cloud-based system,” said Mr. Khoong.
“BCM and DR planning is essential for any modern organisation to operate and function smoothly. The advantages are clear: ranging from better protection of data, hardware and software, preparedness of organisations and enterprises for potential disaster and to sustain productivity.”
