As companies move to the Software as a Service model, an increasingly common scenario is for them to proceed without involving their IT departments, creating serious cloud governance issues. IT is often approached when a technology-focused SaaS solution, such as a new e-mail or related collaboration tools, is required. However, when it comes to a more business-oriented SaaS solution, such as a new customer relationship management or HR system, SaaS vendors are often bypassing IT and approaching the business directly.

Because SaaS often represents a quick and easy solution to a pressing business need, the temptation to move forward without IT is strong. In many companies, IT is perceived as being slow to respond, requiring detailed preliminary assessments when a business need is presented and taking months or longer to deliver a solution. Business departments think they can move quickly to the cloud themselves, without the delay and perceived complexity added by IT.

However, the failure to get IT involved can be both risky and costly from a cloud governance perspective. SaaS implementations often start small but grow big, having a much larger impact on a company’s IT environment than originally anticipated. Issues around data duplication, identity management, incident management and integration might seem easily manageable in the beginning, but as the number, size and scope of isolated SaaS systems increases throughout the business, these issues become complex and difficult to address.

Without IT’s involvement early on, cloud governance-related issues can easily get out of control. By the time IT is brought in, the investment required to fix these issues can have a negative impact on the anticipated SaaS benefits and return on investment.

To avoid this scenario and ensure better risk management, it’s imperative for IT departments to prepare in advance for their company’s move to the cloud. CGI recommends the following steps be taken:

• Conduct a cloud readiness assessment: Prepare a comprehensive cloud readiness assessment that covers all of the fundamentals of multi-cloud vendor governance and security
• Ensure cloud agility: Evaluate the capacity of your company’s current architectural structure to accommodate cloud services and make any necessary changes, such as moving toward a service-oriented architecture to speed up cloud integration; IT departments need to move to an “IT as a Service” paradigm
• Know your internal costs: SaaS might seem like a cost-efficient model, but be sure to thoroughly analyze all of the costs involved. Determine the real ROI for a SaaS implementation.

With advanced and thorough preparation, IT departments can be better equipped to get involved early on, provide the requisite governance oversight and reduce their company’s cloud risks.