Cloud Readiness Analysis

STEP 1: Cloud readiness analysis

Step 1: Parameters

Regulatory & Compliance

Support for Technology

HW/OS Dependencies

License Portability

STEP 2: Cloud migration viability

Step 2 Parameters

Infrastructure

Application Dependencies

Business Criticality/ Availability

Security

Database
 Cloud Readiness Analysis

STEP 1: Cloud readiness analysis

Description

Each application may have regulatory and compliance requirements that are unique to, typically, that industry and country
Examples: Data residency requirements (limitation of data hosting to specific geography); Industry compliance requiremen
such as PCI DSS, HIPPA, SOC. We look to understand what the requirements may be, and analyze whether cloud providers
meet these requirements. There may be cases where the requirement can be met through architecting the solution
appropriately. In these cases the apps may be flagged and moved to Step 2.
Analyze the app type, app tech stack and OS to determine whether these are supported by the cloud platform.
Some applications may have been architected such that they are dependent on a specific hardware (e.g hardware
appliances, Solaris, printers) and on a specific OS (Windows 2000, AIX). An analysis is conducted to understand if there are
any HW/OS related limitations that could restrict the application from moving to cloud

Understand if there any license portability limitations imposed by software vendors in cases where 3rd party apps are in u

STEP 2: Cloud migration viability

Description
In conjunction with the other listed data fields- data on OS, hardware (physical/ virtual), data bandwidth and network late
requirements provides info on the complexity of effort required to transition to cloud; and what the target state cloud
deployment model may be.

Applications usually interact with other components in the ecosystem. Here, we analyze the dependencies (upstream and
downstream) associated with the application and the types of integrations between them to determine feasibility of
migration. Application performance is the primary parameter to be considered. Eg: It is preferred that two tightly coupled
apps stay in the same landing zone so as not to negatively impact performance requirements.
Business critical applications usually have high availability requirements. Target state cloud architectures need to cater for
such availability requirements. An analysis of this parameter determines the complexity of the target state cloud set up. A
thereby determine whether or not the cloud migration is feasible.
Here, we analyze whether the security controls required from the infra, network, application and data perspective can be
met by the target cloud platform.
Here, we determine whether the current database is supported by the cloud platform. Parameters such as dB throughput
time, shared data bases and clustering are considered.
 Question
Dimension Survey Question
Level
STEP 1: Cloud readiness analysis

Application Unique ID (Refer: CI from CMDB)

General Application Functionality (Describe the app)

App Life expectancy (Decommisioning Time)

Compliance requirements (PCI DSS, FISMA,

Select
SOC, or "Others")
If "Multiple", Please specify Info
Regulatory & If "Multiple", cloud suitability? Rate
Compliance Regulatory requirements - (Limiting data
Select
hosting to specific geography)
If Yes for Regulatory, please indicate the
Info
limitation
If Yes for Regulatory, cloud suitability? Rate

Application Type Select

If "Others", Please specify Info
If "Others", cloud suitability? Rate
Technology Stack Select
Support for Technology
If "Others", Please specify Info
If "Others", cloud suitability? Rate
Operating System Select
If "Others", Please specify Info
If "Others", cloud suitability? Rate
 Hardware Platform Select

If Physical, platform details Info

HW/OS Dependencies If Physical, P2V feasible? Rate

Hardware / OS dependencies Select

Dependency details Info

If there are Hardware/OS dependencies,

Rate
cloud suitablity?

Licensing Limitations for Portability Select

License Portability
Limitation details Info
If Portability limitaions, cloud suitablity? Rate
STEP 2: Cloud migration viability

Operating System Select

If Others, please specify Info
Cloud suitabilty? Rate
Hardware Platform Select
Infrastructure
If not virtual, please provide platform details Info

If Physical, P2V feasible? Rate

Expected Data Bandwidth requirements Select
Expected Latency requirements Select

Number of Integration Points Select

List Upstream Dependencies (Application
Info
Application Names)
Dependencies Upstream Dependencies Select
List Downstream Dependencies (Application
Info
Names)
Dowstream Dependencies Select

Business Criticality
 Cloud Readiness Analysis

Category Question

BU Name

Application Name

Detailed Description
General
URL

Application Unique ID (Refer: CI from CMDB)

App Life expectancy (Decommisioning Time)

Compliance requirements (PCI DSS, FISMA, SOC, or if "Others"- please
specify)
Regulatory Regulatory requirements - (Limiting data hosting to specific geography)

If Yes for Regulatory, please indicate the limitation

Business Criticality

Application Availability

Application Availability Comments

Business Criticality Does the application have a business continuity plan?

DR Solutions

RPO (hours)

RTO (hours)

Security Requirement

In-transit Data Encryption

Security Rest Data Encryption

Authorization and Authentication Model

Indicate the security protocol used?

Licensing Limitations for Portability

License If there is a licensing portability limitation - Please describe the limitation

Annual User / Data Growth

Application Owner

Application Owner Contacts

Stakeholder Details
 Tech Lead

Stakeholder Details Business Lead

Testing Lead

Security SPOC

DB / Enterprise technology SPOC

Application Type

Technology Stack

Is Application Architecture Documentation Available?

Hardware / OS dependencies

If yes, list Hardware / OS dependencies

Integration points (include upstream & downstream dependency)

List Upstream Dependencies (Application Names)

Application Details
List Downstream Dependencies (Application Names)

Scalable Architecture

Is the Application Stateless / Stateful

Who provides support for the apps?

Is the app Home built vs. 3rd party

Detail of built - Does the vendor still support the app

Are there any post install config requirements? Provide details

Database Management System (DBMS)

DBMS Version Details

Database Application List (if DB shared across Applications)

DB Clustered

DB Throughput

Technology Stack

Upstream Transport

Others Downstream Transprot

Landing Zone Recommendation

ET/Non ET
ss Analysis

Reference

Describe primary functionality of the application.

Identifier assigned by <Customer> to uniquely identify an application.

Life expectancy helps to understand when the application is expected to be
decommissioned. If there is no specific plan to decommission, input the
option
List all "More than 3requirements
compliance years". of the application. If more than one
compliance requirement is met by the application, list the same as below:
E.g... PCI DSS, FISMA
Critical - Immediate impact on organization’s business, finances. User can
tolerate less than 30 min downtime
Important - Impact on organization’s business and finance in a few days.
User can tolerate less than 2-3 days downtime
Moderate - Impact on organization's business and finance is mild. Minimal
impact on users
Availability SLA of-the
Internal / Support application.
Intranet facing applications supporting internal functions
of the organization. Impacts only internal users

High - Sensitive data and information. Needs to be protected always.

Restricted access... Medium - Moderate level of security requirement...Low
- Minimal security requirement on the data and application. It can be directly
exposed to internet

Determine if the Application / Component / Tool vendor provides licensing

support for Cloud
BUSINESS UNIT QUESTIONNAIRE
General
BU Name Application Detailed URL Application App Life
Name Description Unique ID expectancy
(Refer: CI (Decommision
from CMDB) ing Time)
 Regulatory Business Crit
Compliance requirements Regulatory requirements - If Yes for Business Application
(PCI DSS, FISMA, SOC, or if (Limiting data hosting to Regulatory, Criticality Availability
"Others"- please specify) specific geography) please
indicate the
limitation
 Business Criticality Security
Application Does the DR Solutions RPO (hours) RTO (hours) Security In-transit Data
Availability application Requirement Encryption
Comments have a
business
continuity
 Security License
Rest Data Authorization Indicate the Licensing If there is a Annual User / Application
Encryption and security Limitations for licensing Data Growth Owner
Authentication protocol Portability portability
Model used? limitation -
Please
 Stakeholder Details
Application Tech Lead Business Testing Lead Security DB / Application
Owner Lead SPOC Enterprise Type
Contacts technology
SPOC
 Application Details
Technology Is Application Hardware / If yes, list Integration List Upstream List
Stack Architecture OS Hardware / points Dependencie Downstream
Documentatio dependencies OS (include s (Application Dependencie
n Available? dependencies upstream & Names) s (Application
downstream Names)
Details Datab
Scalable Is the Who provides Is the app Detail of built Are there any Database
Architecture Application support for Home built vs. - Does the post install Management
Stateless / the apps? 3rd party vendor still config System
Stateful support the requirements (DBMS)
app ? Provide
 Database Others
DBMS Application DB Clustered DB Technology Upstream Downstream
Version List (if DB Throughput Stack Transport Transprot
Details shared across
Applications)
Others
Landing Zone ET/Non ET
Recommenda
tion
CLOUD APPLICATION QUESTIONNAIRE
General
BU Name Application Application Environment Environment Hosted Physical /
Name Unique ID Details Location Virtual
(Refer: CI
from CMDB)
 Infrastructure
Instance ID IP Address OS OS Service # Cores CPU Memory (GB)
Pack /
Version
 Utilization
Storage Class Storage size CPU Peak Memory Peak Application Expected Expected
(GB) Utilization Utilization Users Data Latency
(over 12 (over 12 Location ( US Bandwidth requirements
months) months) - East, US - requirements
West, US -
Central,
Europe,
 Others Recommendations
DNS Server name Domain Landing Zone Recomme Recomme Logical Recomme Migrated
Recommenda nded CPU nded Partioning nded Server
tion & Storage vCPU & name
Memory Size Memory
Size Size
(App
architectu
re design)
 Migrated Details Validation
Migrated Migrated Migrated Migrated Logical Build QA Status QA
IP CPU Memory Storage Partioning Remarks Comment
Address Size Size s
(MB) (GB)
 Cloud Readiness Summary
S.No Applications Regulatory & Compliance Support for Technology HW/OS Dependencies
Cloud Readiness Summary
License Portability End Conclusion Findings / Reason