Interesting document “Cloud SLA standardization guidelines” is available at the Digital Agenda for Europe site. The work has been done by the C-SIG (Cloud Select Industry Group) subgroup, and they are contributing this as input for the new standard ISO/IEC 19086.
Looking the structure below, I think they have well captured different aspects to consider. Worth to have a look while waiting for the ISO and other national&international standards…
-
Performance Service Level Objectives
-
Security Service Level Objectives
-
Service Reliability
-
Authentication & Authorization
-
Cryptography
-
Security Incident management and reporting
-
Logging and Monitoring
-
Auditing and security verification
-
Vulnerability Management
-
Governance
-
-
Data Management Service Level Objectives
-
Data classification
-
Cloud Service Customer Data Mirroring, Backup & Restore
-
Data Lifecycle
-
Data Portability
-
-
Personal Data Protection Service Level Objectives
-
Codes of conduct, standards and certification mechanisms
-
Purpose specification
-
Data minimization
-
Use, retention and disclosure limitation
-
Openness, transparency and notice
-
Accountability
-
Geographical location of cloud service customer data
-
Intervenability
-