The Impact of Cloud Computing on Corporate IT Governance

By Bruce Maches

January 25, 2010

This is the second in a series of articles discussing the impact of cloud computing on IT governance. The first article dealt with more informal internal IT processes while this article examines clouds impact from the formal management IT governance/steering committee aspect.

While cloud computing is enabling some fundamental changes on how IT groups deliver services, from a corporate management viewpoint, the basic principles of IT governance still remain true. However, the advent of cloud computing is having an increasing impact on how the components of the governance process are executed. For the purpose of this article, we will use the COBIT model (Control OBjectives for Information and related Technology) that is comprised of five major process focus areas: Strategy Alignment, Value Delivery, Resource Management, Risk Management, and Performance Measurement.

Governance at its core is the effective management of the IT function to ensure that an organization is realizing maximum value from its investments in information technology. Many companies, especially those with considerable IT budgets, have implemented significant internal IT governance procedures to manage their IT investment portfolio. This governance function provides the processes and framework for the management team to analyze, understand, and manage the level of return on the organizations technology investments. Industry studies show that on average, companies with effective IT governance processes in place average 5-7 percent less in equivalent IT spend to deliver the same functionality as compared to those companies that do not.

Any proper IT governance function also requires active management participation, the proper forum to make IT related decisions, and effective communication between the IT organization and the company’s management team. While these factors are critical to creating a successful IT governance function, there are five essential areas of process focus as spelled out in the COBIT model, which are described here:

  1. Strategic Alignment: This focuses on ensuring the linkage of business and IT plans; defining, maintaining and validating the IT value proposition; and aligning IT projects and operations with enterprise operations.
  2. Value Delivery: This is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised benefits against the strategy, concentrating on optimizing costs and proving the intrinsic value of IT.
  3. Resource Management: This is about the optimal investment in, and the proper management of, critical IT resources: applications, information, infrastructure and people. Key issues relate to the optimization of system knowledge and technical infrastructure.
  4. Risk Management: This requires risk awareness by senior corporate officers, a clear understanding of the enterprise’s appetite for risk, understanding of compliance requirements, transparency about the significant risks to the enterprise and embedding of risk management responsibilities into the IT organization.
  5. Performance Measurement: This tracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery, using, for example, balanced scorecards that translate strategy into action to achieve goals measurable beyond conventional accounting.

If the IT governance framework isn’t implemented and managed correctly, this can adversely impact how well IT delivers on its commitments to its customers along with how IT is perceived within the organization. Lack of effective IT strategy, governance and oversight can cause continued issues with project overruns or even outright failures, project stakeholder dissatisfaction, and reduced business value received in relation to the resources expended. Companies that properly manage their IT function operate with a higher level of certainty that they are receiving an appropriate level of value from their investments in information technology. They also have the ability to ensure that the IT group is working on the projects that provide the most business value to the organization.

Now that we have discussed the impact of cloud computing on the IT group, let’s examine how cloud computing effects the five governance factors as defined in the COBIT model.

Value Delivery: Under the pre-cloud provisioning model, most new projects included costs for hardware to support the application and usually for testing and development environments also. IT was also guilty of over-buying hardware to ensure that if there were performance issues they were at least not hardware-related and to provide capacity for peak loads that might never materialize. Cloud computing offers several options that can change the cost model and free up more of the IT budget for innovation and not for under-utilized hardware and associated support. One option would be to provision test and QA instances via the cloud instead of purchasing additional servers or to shift peak loads to the cloud instead of maintaining that capacity internally. Cloud-based tools could also enable rapid prototyping, allowing for quicker delivery of business applications. With the potential cost savings, projects that were cost prohibitive may now be viable or funds freed up to support additional projects. Certainly some of these issues can be addressed using virtualization but cloud gives the IT group another tool in its tool kit to attack business problems. With the right strategy and mix of technologies, the IT group can deliver more value for potentially less money. There is one caveat. In order to ensure that proper value is being delivered, the IT organization needs to have a firm grasp on its internal cost structure as mentioned above in order to correctly drive investments.

Resource Management: One of the challenges in any IT group is appropriately managing the resources as its disposal to provide as much business value as possible. Cloud computing can impact the resources available to IT in a variety of ways. From a personnel standpoint, cloud will require a shift in operational skill sets from a more internally focused system services mentality to a more holistic system viewpoint oriented around delivering business value and not system infrastructure. IT staff will need to have increased knowledge of the value chain in the business to better understand where cloud technologies can fit in and to also recognize where they are not appropriate. IT management should include a plan to deal with the personnel skills changes required and incorporate that into any overall cloud adaptation strategy. Cloud can also impact system resources by requiring additional network bandwidth, monitoring tools, or other items to appropriately manage and maintain this new hybrid environment.

Risk Management: This is one of the most critical areas of governance impacted by cloud computing. Critical questions arise when cloud computing is brought into the existing IT ecosystem. These questions include those oriented to data protection and business continuity such as, impact to existing disaster recovery plans, how backups/restores and data archival policies are effected, and how are any business continuity plans effected. IT management must have a clear understanding of risk related to vendor service levels, strategies for mitigating that risk and how any potential outages would impact the business. IT also must examine security access and potential risks from putting corporate data into the cloud and what the potential impact might be on the business if data is lost or access control is breached. Other risks that need to be addressed revolve around the viability of the vendor, long-term prospects of any particular technology, and the impact to the existing IT infrastructure. All these questions and more must be asked and addressed, particularly as cloud computing is embraced for more critical business applications and IT services.

Performance Measurement: This area looks at the overall achievement of the IT organization. While cloud does not directly impact the purpose of this portion of the governance process, it does modify some aspects of the underlying key performance measures. Performance measurement is directed at providing management with information on how the IT group is performing outside of conventional accounting measures such as project completion, resource usage, service delivery, and user support metrics. While not integral to the adoption of cloud computing, the setting of governance goals and objectives should take into account the impact of using cloud resources. This could include completing projects quicker by provisioning resources via the cloud or using cloud resources to speed prototyping, or higher efficiencies in using funding and personnel resources by leveraging cloud capabilities. IT organizations will need to review and adjust their metrics and measurements and adjust accordingly.

Strategic Alignment: The primary goal of IT governance is to ensure alignment with organizational objective, cloud computing would not have a significant impact on this area of the IT governance process. Regardless of the technical architecture being proposed for a project, the management team needs to maintain the linkage of business goals and IT plans and ensure that IT projects and operations align with the enterprise needs.


Effective governance is a critical process and is key to maximizing the value any organization receives from its investment in IT. To take full advantage of what cloud computing can provide, IT organizations need reevaluate their corporate governance procedures and adapt them as necessary. For those companies willing to invest in the appropriate governance processes, the future looks bright; for those not ready or willing, the future looks cloudy indeed.

About the Author

Bruce Maches is a 32-year IT veteran and has worked or consulted with firms such as IBM, Pfizer, Eli Lilly, SAIC, and Abbott. He can be reached at

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

Scientists Conduct First Quantum Simulation of Atomic Nucleus

May 23, 2018

OAK RIDGE, Tenn., May 23, 2018—Scientists at the Department of Energy’s Oak Ridge National Laboratory are the first to successfully simulate an atomic nucleus using a quantum computer. The results, published in Ph Read more…

By Rachel Harken, ORNL

Pattern Computer – Startup Claims Breakthrough in ‘Pattern Discovery’ Technology

May 23, 2018

If it weren’t for the heavy-hitter technology team behind start-up Pattern Computer, which emerged from stealth today in a live-streamed event from San Francisco, one would be tempted to dismiss its claims of inventing Read more…

By John Russell

Intel, Micro Debut Quad-Level Cell NAND Flash

May 22, 2018

Chipmakers continue to gear designs toward AI and other demanding cloud workloads that take advantage of datacenter flash storage capacity. To that end, memory specialist Micron Technology Inc. began shipping compact sol Read more…

By George Leopold

HPE Extreme Performance Solutions

HPC and AI Convergence is Accelerating New Levels of Intelligence

Data analytics is the most valuable tool in the digital marketplace – so much so that organizations are employing high performance computing (HPC) capabilities to rapidly collect, share, and analyze endless streams of data. Read more…

IBM Accelerated Insights

Mastering the Big Data Challenge in Cognitive Healthcare

Patrick Chain, genomics researcher at Los Alamos National Laboratory, posed a question in a recent blog: What if a nurse could swipe a patient’s saliva and run a quick genetic test to determine if the patient’s sore throat was caused by a cold virus or a bacterial infection? Read more…

Japan Meteorological Agency Takes Delivery of Pair of Crays

May 21, 2018

Cray has supplied two identical Cray XC50 supercomputers to the Japan Meteorological Agency (JMA) in northwestern Tokyo. Boasting more than 18 petaflops combined peak computing capacity, the new systems will extend the a Read more…

By Tiffany Trader

Pattern Computer – Startup Claims Breakthrough in ‘Pattern Discovery’ Technology

May 23, 2018

If it weren’t for the heavy-hitter technology team behind start-up Pattern Computer, which emerged from stealth today in a live-streamed event from San Franci Read more…

By John Russell

Japan Meteorological Agency Takes Delivery of Pair of Crays

May 21, 2018

Cray has supplied two identical Cray XC50 supercomputers to the Japan Meteorological Agency (JMA) in northwestern Tokyo. Boasting more than 18 petaflops combine Read more…

By Tiffany Trader

ASC18: Final Results Revealed & Wrapped Up

May 17, 2018

It was an exciting week at ASC18 in Nanyang, China. The student teams braved extreme heat, extremely difficult applications, and extreme competition in order to cross the cluster competition finish line. The gala awards ceremony took place on Wednesday. The auditorium was packed with student teams, various dignitaries, the media, and other interested parties. So what happened? Read more…

By Dan Olds

Spring Meetings Underscore Quantum Computing’s Rise

May 17, 2018

The month of April 2018 saw four very important and interesting meetings to discuss the state of quantum computing technologies, their potential impacts, and th Read more…

By Alex R. Larzelere

Quantum Network Hub Opens in Japan

May 17, 2018

Following on the launch of its Q Commercial quantum network last December with 12 industrial and academic partners, the official Japanese hub at Keio University is now open to facilitate the exploration of quantum applications important to science and business. The news comes a week after IBM announced that North Carolina State University was the first U.S. university to join its Q Network. Read more…

By Tiffany Trader

Democratizing HPC: OSC Releases Version 1.3 of OnDemand

May 16, 2018

Making HPC resources readily available and easier to use for scientists who may have less HPC expertise is an ongoing challenge. Open OnDemand is a project by t Read more…

By John Russell

PRACE 2017 Annual Report: Exascale Aspirations; Industry Collaboration; HPC Training

May 15, 2018

The Partnership for Advanced Computing in Europe (PRACE) today released its annual report showcasing 2017 activities and providing a glimpse into thinking about Read more…

By John Russell

US Forms AI Brain Trust

May 11, 2018

Amid calls for a U.S. strategy for promoting AI development, the Trump administration is forming a senior-level panel to help coordinate government and industry research efforts. The Select Committee on Artificial Intelligence was announced Thursday (May 10) during a White House summit organized by the Office of Science and Technology Policy (OSTP). Read more…

By George Leopold

MLPerf – Will New Machine Learning Benchmark Help Propel AI Forward?

May 2, 2018

Let the AI benchmarking wars begin. Today, a diverse group from academia and industry – Google, Baidu, Intel, AMD, Harvard, and Stanford among them – releas Read more…

By John Russell

How the Cloud Is Falling Short for HPC

March 15, 2018

The last couple of years have seen cloud computing gradually build some legitimacy within the HPC world, but still the HPC industry lies far behind enterprise I Read more…

By Chris Downing

Russian Nuclear Engineers Caught Cryptomining on Lab Supercomputer

February 12, 2018

Nuclear scientists working at the All-Russian Research Institute of Experimental Physics (RFNC-VNIIEF) have been arrested for using lab supercomputing resources to mine crypto-currency, according to a report in Russia’s Interfax News Agency. Read more…

By Tiffany Trader

Nvidia Responds to Google TPU Benchmarking

April 10, 2017

Nvidia highlights strengths of its newest GPU silicon in response to Google's report on the performance and energy advantages of its custom tensor processor. Read more…

By Tiffany Trader

Deep Learning at 15 PFlops Enables Training for Extreme Weather Identification at Scale

March 19, 2018

Petaflop per second deep learning training performance on the NERSC (National Energy Research Scientific Computing Center) Cori supercomputer has given climate Read more…

By Rob Farber

AI Cloud Competition Heats Up: Google’s TPUs, Amazon Building AI Chip

February 12, 2018

Competition in the white hot AI (and public cloud) market pits Google against Amazon this week, with Google offering AI hardware on its cloud platform intended Read more…

By Doug Black

US Plans $1.8 Billion Spend on DOE Exascale Supercomputing

April 11, 2018

On Monday, the United States Department of Energy announced its intention to procure up to three exascale supercomputers at a cost of up to $1.8 billion with th Read more…

By Tiffany Trader

Lenovo Unveils Warm Water Cooled ThinkSystem SD650 in Rampup to LRZ Install

February 22, 2018

This week Lenovo took the wraps off the ThinkSystem SD650 high-density server with third-generation direct water cooling technology developed in tandem with par Read more…

By Tiffany Trader

Leading Solution Providers

HPC and AI – Two Communities Same Future

January 25, 2018

According to Al Gara (Intel Fellow, Data Center Group), high performance computing and artificial intelligence will increasingly intertwine as we transition to Read more…

By Rob Farber

Google Chases Quantum Supremacy with 72-Qubit Processor

March 7, 2018

Google pulled ahead of the pack this week in the race toward "quantum supremacy," with the introduction of a new 72-qubit quantum processor called Bristlecone. Read more…

By Tiffany Trader

HPE Wins $57 Million DoD Supercomputing Contract

February 20, 2018

Hewlett Packard Enterprise (HPE) today revealed details of its massive $57 million HPC contract with the U.S. Department of Defense (DoD). The deal calls for HP Read more…

By Tiffany Trader

CFO Steps down in Executive Shuffle at Supermicro

January 31, 2018

Supermicro yesterday announced senior management shuffling including prominent departures, the completion of an audit linked to its delayed Nasdaq filings, and Read more…

By John Russell

Deep Learning Portends ‘Sea Change’ for Oil and Gas Sector

February 1, 2018

The billowing compute and data demands that spurred the oil and gas industry to be the largest commercial users of high-performance computing are now propelling Read more…

By Tiffany Trader

Nvidia Ups Hardware Game with 16-GPU DGX-2 Server and 18-Port NVSwitch

March 27, 2018

Nvidia unveiled a raft of new products from its annual technology conference in San Jose today, and despite not offering up a new chip architecture, there were still a few surprises in store for HPC hardware aficionados. Read more…

By Tiffany Trader

Hennessy & Patterson: A New Golden Age for Computer Architecture

April 17, 2018

On Monday June 4, 2018, 2017 A.M. Turing Award Winners John L. Hennessy and David A. Patterson will deliver the Turing Lecture at the 45th International Sympo Read more…

By Staff

Part One: Deep Dive into 2018 Trends in Life Sciences HPC

March 1, 2018

Life sciences is an interesting lens through which to see HPC. It is perhaps not an obvious choice, given life sciences’ relative newness as a heavy user of H Read more…

By John Russell

  • arrow
  • Click Here for More Headlines
  • arrow
Share This