Cabinet decisions

Cabinet policy for cloud computing was updated in July 2016 with the introduction of new measures to accelerate the adoption of public cloud services.

Accelerating public cloud services

The new measures agreed in July 2016 included permitting agencies to use offshore-hosted office productivity services, and requiring agencies to have a cloud plan. For further information, refer to the cabinet paper: CAB-16-MIN-0316 (PDF, 343KB).

Cloud risk assessment process

In October 2013, Cabinet directed agencies to make decisions on adoption of public cloud services on a case-by-case basis following a formal risk assessment, and approved by chief executives or their delegates. In addition, data classified higher than RESTRICTED was not permitted to be stored in a public cloud service. For further information, refer to the cabinet paper: CAB Min (13) 37/6B (PDF, 227KB).

ICT assurance

In August 2013, Cabinet also incorporated the cloud risk assessment process into the system-wide ICT assurance framework. For further information, refer to the cabinet paper: CAB Min (13) 20/13 (PDF, 537KB)

Cloud First policy

In August 2012, Cabinet directed government agencies to adopt public cloud services in preference to traditional IT systems. Agencies were not permitted at that time to use offshore-hosted office productivity services. For further information, refer to the cabinet paper: CAB Min (12) 29/8A (PDF, 606KB).

Page last updated: 14/02/2017