Management and Oversight of Cloud Managed Services Contracts and the Enterprise Cloud Program Need Improvements

The Chief Procurement Officer should ensure that the penalty of $1,017 is collected from the managed service provider for not meeting the service level.

The Chief Procurement Officer should ensure that contracting officers include all applicable contract clauses in cloud services contracts.

The Chief Information Officer should ensure that a modification is executed to the cloud services contract identified as an exception to include contract clauses related to contractor security requirements and training.

The Chief Information Officer should clarify in a formal policy that applications migrating to the cloud are required to engage and be processed centrally by the Enterprise Cloud Architecture and Design office.

The Chief Information Officer should ensure that all applications operating in the cloud have obtained governance board approval.