Dive Brief:

• Microsoft recently released its Cloud Services Due Diligence Checklist in order to provide companies with a standardized way of evaluating how cloud technology offerings can best suit their needs.
• The checklist is intended for risk management, procurement, legal professionals and CIOs seeking to comply with international regulations while advancing business specific objectives such as privacy, personally identifiable information and data security.
• Completion of the checklist should help companies define their organizational cloud policy, their project needs and reconcile differences between needs and available services, according to the instructional guide released alongside the checklist.

Dive Insight:

Cloud-based ERP, TMS or WMS solutions provide great benefits including greater capacity for integration, IoT-based visibility, and decreased server management costs, but transitioning away from on-site systems also comes with an increased data security risk. 

Companies that rely entirely on cloud-based systems could, through a data breach, give away personal and supplier information which could lead to increased financial risk. In another circumstance, without the proper security, a hacker could shut down access to the system for an extended period of time and completely disrupt operations. The issue is of such importance that the U.S. government recently began training companies on cyber-risk mitigation strategies.  

The "due diligence" checklist should help supply chain executives on the market for such programs take the matter into their own hands and evaluate a system's compliance with privacy, accessibility and information security standards.