The Cloud Outage Incident Response (COIR) Guidelines continues Singapore’s strong commitment to Business Continuity Management and Disaster Recovery (DR) Plans by bringing clarity on how to respond to outages in the cloud. This will strengthen transparency, trust and resilience of cloud service providers (CSPs) in a Smart Nation.
It builds upon previous IDA’s COIR guidelines and standards around BCM and DR plans and form part of IMDA’s drive to ensure standards keep pace in the changing landscape of emerging technologies.
The main objective is to reduce damages and losses caused by cloud outages by providing a COIR framework for Cloud Service Customers (CSCs) to choose the appropriate outage protection measures to complement their own business continuity/IT DR capabilities through:
- a set of common parameters and guidelines for CSCs for identification, evaluation, and negotiation of protection needs with CSPs to incorporate into the SLAs;
- sharing of COIR practices by CSPs via the same set of common parameters to facilitate comparison and matching of outage protection needs with provisions.
The guidelines focus on cloud outage directly associated with operational mistakes, infrastructure or system failure and environmental issues (e.g. flooding, fire) but exclude cyber security, and malicious act. The guidelines are industry agnostic and primarily meant to serve the needs of all types cloud users. It is applicable to all types of cloud service models as well as cloud deployment models.
Adoption of the COIR guidelines is entirely voluntary. However, CSPs are encouraged to publicly disclose their “as-is” COIR practices. Potentially, this will not only cut down the client engagement time and sales cycle, but also minimize or avoid future disputes with CSCs in managing cloud outages.
All enquiries regarding COIR Guidelines can be addressed to email@example.com