Cloud computing is not just about resource sharing, cost savings and optimisation of business performance; it also involves fundamental concerns on how businesses need to respond on the risks and challenges upon migration. Managing risks is critical for a sustainable cloud adoption. It includes several dimensions such as cost, practising the concept of green IT, data quality, continuity of services to users and clients, guarantee tangible benefits. This paper presents a risk management approach for a sustainable cloud migration. We consider four dimensions of sustainability, i.e., economic, environmental, social and technology to determine the viability of cloud for the business context. The risks are systematically identified and analysed based on the existing in house controls and the cloud service provider offerings. We use Dempster Shafer (D-S) theory to measure the adequacy of controls and apply semi-quantitative approach to perform risk analysis based on the theory of belief. The risk exposure for each sustainability dimension allows us to determine the viability of cloud migration. A practical migration use case is considered to determine the applicability of our work. The results identify the risk exposure and recommended control for the risk mitigation. We conclude that risks depend on specific migration case and both Cloud Service Provider (CSP) and users are responsible for the risk mitigation. Inherent risks can evolve due to the cloud migration.
This is an open access article distributed under the Creative Commons Attribution License
which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited