APM Group launches guidance for navigating the CIF Code of Practice

Accreditation body sets out clear certification guidance for CSPs.

  • Friday, 12th April 2013 Posted 11 years ago in by Phil Alsop

APM Group, the Cloud Industry Forum’s (CIF) independent certification partner, has today launched a series of documents to provide guidance to Cloud Service Providers (CSPs) looking to assess their readiness and prepare for CIF Code of Practice self-certification.


Launched in 2010, the CIF Code of Practice is a credible, certifiable tool that allows enterprises offering cloud services to demonstrate they meet specified requirements of transparency, capability and accountability, in order to provide clarity and assurance to end users seeking to migrate to the cloud.


By launching the guidance with support from the CIF Code Governance Board, APM Group has taken steps to help CSPs better understand how self-certification against the Code can benefit their business. The documentation extends existing self-certification guidance, providing clearer direction on the Code’s requirements and the expected evidence and output of a CSP Self-Certification exercise, improving the usability of the scheme.


Richard Pharro, CEO of APM Group, said: “There are no doubt tangible benefits of certifying against the CIF Code of Practice, not least for smaller cloud providers, who often must work harder to demonstrate their capabilities to clients and prospects. But it isn’t going to be right for every CSP. We have produced these documents to provide greater clarity on not only how a CSP should go about achieving certification, but also help them assess whether the scheme is right for their business.


“The Code of Practice isn’t a rubber stamp of approval. It’s rigorous and CSPs will need to assess, improve and declare their operations before they can fully meet the Code’s transparency, capability and accountability requirements. With this guidance, we hope to make the process as efficient and pain-free as possible. APM Group will also assist service providers through the certification process with hand-holding support and additional clarification as required.”


According to the latest research from CIF, the primary concerns about cloud adoption are data security, data privacy and data sovereignty. Whilst these are no longer barriers to adoption, they work to slow down the pace of adoption.


Pharro concluded: “Ultimately, end users are looking for assurances when they migrate to the cloud. In a market of online delivery models with many new and emerging vendors, how does a potential customer get comfort that the CSP they chose to work with will provide a trustworthy, secure, stable and effective solution? These issues are at the heart of the case for the CIF Code of Practice.”


The new documentation can be downloaded from here: http://www.cloudindustryforum.org/code-of-practice/cloud-service-provider-info-pack