impACT Grid - Cloud Journey Assessment

Start
Cloud Strategy
Architecture and Governance
Data Analytics
Operations and Process Management
Financial Management
Security and Risk
All done!

Cloud Journey Assessment

Increase your business impact and generate more value for your partners and customers using cloud technology.

Complete the assessment to find out where you are in your cloud journey. Leave your contact details to begin.

Your result will be displayed on the final screen and sent to your email address. We will also be in touch to give you detailed, personalized recommendations.

First Name

Last Name

I agree to receive marketing communications from Predica LLC via electronic means (email, website)*

Cloud Strategy

Cloud Strategy - Score

How far are you in the adoption of public cloud services?

No cloud services introduced nor planned.

Some services for a few users. We're assessing company needs/strategy, getting information on vendors.

We've recently introduced one/two services and are considering/already moving first applications to the cloud.

We have a list of applications we'd like to use and are in the process of/completed moving them to the cloud.

We have a cloud-first policy, so everything we use is cloud-based by default. New applications are designed for the cloud from the beginning.

What are the primary factors driving potential interest in the cloud?

Don't know. / Not applicable.

Reduced IT workload, more storage capacity, reduced on-site infrastructure, improved backup services/disaster recovery, cost savings.

Moving capital expenses to operating expenses, improved productivity, workforce mobility, scalability/flexibility.

Always-on access to applications and data, long-term IT strategy.

New services driven by technology, evaluation of new business models.

What are the major concerns around the cloud at your current stage of cloud adoption?

Don't know. / Not applicable.

Integration with current networks/applications/systems, security concerns.

Legal and regulatory compliance, lack of visibility into future costs.

Lack of standardization across vendors, difficulty finding a vendor with needed skills and offerings.

No concerns.

How do you approach building skills related to the public cloud at your organization?

Don't know. / Not applicable.

Individuals are trained as needed.

We have planned training on cloud technology for our IT department.

We have a defined standard cloud services learning path for our engineers. Cloud skills are required for all IT employees.

Cloud skills are a standard requirement for business (non-IT) users.

Do you have a defined schedule for cloud migration of your current datacenters?

Don't know. / Not applicable.

Up to 12 months for selected workloads. Cloud will be used for backup/disaster recovery only.

Up to 12 months for productivity workloads. All new workloads for servers are created in the cloud.

The majority of servers are in the public cloud. All new applications are created with the public cloud as a target environment.

The majority of applications run in the cloud. Cloud is the environment of choice for all new workloads and applications.

What is the main focus of metrics/KPIs related to your public cloud adoption and usage?

Don't know. / Not applicable.

Cloud infrastructure cost.

Service availability and SLA-related metrics.

Return on investment for services build in the public cloud.

Measurement of business outcomes from solutions in the public cloud (not IT-related).

What will you consider as a technical success in your cloud journey?

Don't know. / Not applicable.

Moving infrastructure to the cloud.

Moving applications to the cloud.

Building new cloud-native applications.

Launching new, data-driven intelligence solutions. / Cloud-first business.

Architecture and Governance

Architecture and governance - Score

What is the primary approach to your application and workload migration?

Don't know. / Not applicable.

Lift-and-shift server migrations, rehosting.

Moving partially to platform services.

Refactoring of applications to leverage PaaS/platform services.

Replacing all possible infrastructure elements with PaaS or SaaS even if it means retiring the current solution.

How do you approach solution architecture creation in your organization?

Don't know. / Repeatable on-premises architecture patterns.

Network-level high-availability and reliability approach, architecture patterns based on IaaS (VMs) and a typical way of clustering and load-balancing.

Defined guidelines for configuration, ensuring service reliability and high availability using the cloud-native approach with consideration for SLA.

Architecture blueprint to use with workloads and applications. / Cloud-native approach: solutions based mostly on PaaS and serverless.

Event-driven applications consuming events independently from common sources.

What is your first choice when it comes to solution architecture?

Don't know. / On-premises-based solution.

Cloud-hosted, Infrastructure-as-a-Service (IaaS), self-hosted containers infrastructure.

Cloud-first, a mix of PaaS services and Virtual Machines, platform-based container orchestration services.

Cloud-based, PaaS services, event-based, serverless solution architecture.

Event-driven applications consuming events independently from common sources.

What is your approach to services and application integration?

Don't know. / Tightly coupled, network-level connectivity.

Network-level connectivity. / Information exchange through queues and services hosted on VMs or through common data sources (databases).

Loosely coupled services deployed in the cloud. / Service integration through cloud-based queues and storage services.

Integration based on events exchanged between services. APIs as a common way of communication.

Event-driven applications consuming events independently from common sources.

Which of the following is the most important objective of your governance efforts?

Don't know. / Maintain our current infrastructure and deliver its SLAs.

Optimizing operations to reduce cost.

Improving tools and workplace environment for employees.

Engaging customers with improved digital experience.

Transforming products and services to drive new revenue opportunities.

What do you want to achieve with the governance of your environment?

Don't know. / Keeping current infrastructure operational.

Keeping deployed cloud infrastructure operational and secure.

Deploying, managing, and monitoring all resources by business unit, solution, workload, or application.

Speed to remediation of performance or uptime for mission-critical applications, workloads, or solutions.

Ensuring stability, performance, uptime across applications, workloads, and solutions that support the business.

What is your approach to cloud resource deployment?

Don't know. / Not applicable.

Deployments to subscriptions are managed manually.

Most deployments reside within single subscriptions and are separated into resource groups.

All resources related to a single application/type are managed collectively.

Our subscription and tagging strategies align with cloud accounting models, global deployment needs, and resource consistency policies.

Data Analytics

Data Analytics - Score

Which of the following best describes your enterprise's data characteristics?

Don't know. / Inconsistent, unstandardized data, time- and resource-consuming analysis, basic reporting tools and descriptive analytics.

Standardized and structured data, mostly in functional or process silos, BI and basic analytics tools.

Key data domains identified and central data repositories created, expansion into unstructured data.

Integrated, accurate, common data in central repositories, little use of unstructured cloud storage and data analysis.

Search for new data and metrics leveraging structured and unstructured data. Data managed as strategic asset.

What is the ability to capture, transform and enrich data assets, including master data, rules, entities and references?

Don't know / No or little focus on capturing data during general business operations.

Data captured within sparse systems, islands of data.

Data readily available for most analytic needs.

Business requirements drive data acquisition strategy. Data are timely, accurate, consistent and trusted.

Data from multiple sources are frequently combined in an effective, self-service manner by end-users.

Which of the following best describes the analytical techniques that your enterprise can deploy into production use cases?

Don't know. / Mostly ad-hoc, simple math, extrapolation, trends.

Basic statistics, segmentation, database querying, tabulations of key metrics.

Simple predictive analytics, classifications, and clustering, dynamic forecasts.

Advanced predictive methods, advanced optimization, sentiment analytics, text and image analytics.

Neural nets and deep learning, genetic algorithms, advanced machine learning.

Which of the following best describes your analytics tech stack?

Don't know. / Desktop technology, standard office packages, loosely integrated systems.

Individual analytical initiatives, statistical packages, descriptive analytics, database querying, tabulations.

Enterprise analytical plan, tool, and platforms, predictive analytical packages.

Enterprise analytical plan and process, cloud-based big data.

Enterprise-wide big data and analytics architecture, cognitive technologies, prescriptive and autonomous analytics.

How effective is the consumption of enterprise and ad hoc information with tools that are capability-aligned to analytic use cases?

Don't know. / Analytics mainly describe past data amd what has happened.

Analytics are used to inform decision makers why something in the business has happened.

Ad-hoc reporting is performed by business users.

Forward-looking information can be created using business logic of varying sophistication.

Predictive data can be integrated with operational systems to drive improved business outcomes.

Operations and Process Management

Operations and process management - Score

How often are you able to deploy new services?

Don't know. / Monthly or less often.

Weekly, mostly manually.

Daily, scripted deployments.

On-request, automated deployment pipelines.

Service deployment is a continuous activity.

What is the primary approach to your resources and applications deployment?

Don't know. / Manual deployment delivered through change request windows.

Manual deployment to the cloud environment.

Scripts with no centralized deployment service.

Automated deployments through CI/CD pipelines or a shared code repository for infrastructure and applications.

Security controls integrated with CI/CD pipelines.

Do you have dedicated teams to drive your cloud adoption and deployments?

Don't know. / Not applicable.

It is the responsibility of IT department. Cloud resource management is done by infrastructure, networking, and security teams in their areas.

We have a Cloud Migration team of subject matter experts with strong awareness of current technical estate, and cross-disciplinary project teams.

We have a cross-disciplinary Cloud Governance team of subject matter experts from Security, IT, and Business to assess risks and tolerance levels.

We have a dedicated Cloud Strategy team of influencers from Finance, impacted Line of Business units, and Technical Architects.

How do you manage your configuration consistency and security?

Don't know.

Leveraging a platform to manage VMs only for consistency and security. / Ad-hoc configuration management.

We have a formal process for managing the hardening of OS images. / We have defined security architecture blueprints for all services in use.

Processes for configuration drift identification, patch application, and vulnerability detection. / Automation for deployment scripting and orchestration.

All resources are deployed using a common process and deployment pipelines. / Deployment pipelines are used to verify security and apply ad-hoc fixes.

Financial Management

Financial management - Score

What is your organization's primary focus when it comes to cloud cost?

Don't know. / Not applicable.

Finding underused resources to remove waste and maximize cost-saving opportunities.

Categorizing resources for management and billing (using tags) to reduce unnecessary costs in subscriptions.

Organizing resources for efficient spending. Maximizing insights into cost attribution and business impact of technology.

Identifying business outcomes enabled by the cloud, and the expected usage/cost patterns from resources supporting those outcomes.

How do you approach cost allocation for your IT resources?

Don't know. / Single IT budget. No cost allocation across projects.

Cloud resource cost is controlled at IT level. We use high-level cost allocations (e.g. by business units, departments).

We have a documented policy for cost allocation and sharing within and between projects. Solution architectures are designed with cost in mind.

We have a well-developed cost accounting model, and can effectively manage planned vs actual spend. We understand how to handle spiking costs.

IT budget is part of overall business initiatives and not separated from them. Business units manage their cloud spending.

What is the approximate split of your IT budget allocation?

Don't know. / On-premises (80%)

On-premises (70%), Cloud (25%), Experimentation (5%).

On-premises (50%), Cloud (40%), Experimentation (10%).

On-premises (40%), Cloud (45%), Experimentation (15%).

On-premises (25%), Cloud (35%), Experimentation (40%).

Security and Risk

Security and risk - Score

What is your current primary focus in cloud environment security?

Don't know. / Not applicable.

Stopping unauthorized traffic or other forms of intrusion that could compromise the network or other IT assets.

Using public cloud security services to protect applications and data hosted in the cloud.

Preventing exploits by continuously monitoring and applying security recommendations across machines, networks, and cloud services.

Preventing loss or leaks of data, including Personally Identifiable information (PII) or other forms of high-priority data.

How do you approach access management in your environment?

Don't know. / Access is granted ad-hoc, based mostly on the on-premises Active Directory.

Manually managing access for cloud infrastructure. Access granted ad-hoc on as-needed basis to individual users or groups.

Access granted through a unified RBAC model deployed across all subscriptions and cloud resources. Least-privilege principle is in place.

Regular access reviews and recertification. JIT access, role change alerting capabilities for governance controls. Staff trained in secure development.

A holistic view of user access across enterprise resources in all subscriptions and applications.

What is your approach to providing SSO across on-premises and public cloud environments?

Don't know. / Not applicable.

We use a hybrid approach with on-premises Active Directory being the main point of security services.

Cloud identity provider is our service of choice for SSO.

SaaS applications are integrated with a cloud identity provider for SSO.

We use a single centralized, cloud identity provider and device-based authentication for all apps.

What is your sensitive data protection and classification approach?

Don't know. / Not applicable.

Data is always encrypted at rest.

Data is always encrypted in transit.

Data classification and protection tools to protect sensitive information.

Data classification model and an access policy model for High Business Impact (HBI) data. Tools to look for patterns that might indicate malicious activity.

What is your current approach to secure workloads deployed in public cloud or on-premises?

Don't know. / Protecting internal perimeter with network-level security.

Network-level security with most of the protection on-premises. Port filtering and network-level protection for cloud services.

Cloud-first services for application security. Security monitoring with cloud-native tools.

Continuous security monitoring and remediation. Deployment through automated pipelines, with automated safeguards and policy enforcement.

Mostly identity-centric security (user and data on access). Cloud services used for active threat hunting.

How do you manage your identity and access risk?

Don't know. / Not applicable.

Manual process, no polices established. Ad-hoc risk assessment.

RBAC for access management. Periodically auditing identity policies.

RBAC for cloud access management. Constant environment scanning for malicious actors. Least privilege access set up.

Risk-based approach to access management and access policies evaluation.

Total Score

Thank you for completing the assessment

Click the button below to see where you are in your cloud journey. Within two business days, we will get back to you to discuss your answers in more depth.