Aligning with regulation and cloud strategy
In Brief
To migrate to the cloud, public administration entities must ensure that choices and actions are consistent with the Cloud Italy Strategy and the regulatory framework on security, data protection and management of public digital services.
Roles and responsibilities
-
Public Administration
Makes sure the migration complies with current regulations, keeps track of decisions and compliance issues throughout the project.
-
Cloud service provider
Adopts planned data security and protection measures and provides technical evidence and documentation necessary for the PA to ensure compliance.
How to proceed
These actions help to navigate the regulatory framework and set up migration in a compliant manner.
- Check the cloud rules for PA
The PA and the provider consult the Cloud Regulations for PA published by the National Cybersecurity Agency (NCA), which contains guidance on security, data protection, classification and localization of information.
- Aligning Migration with the Italy Cloud Strategy
The Cloud Strategy establishes goals and priorities for cloud adoption in PA. Its principles must be adopted when defining technology choices, migration scenarios, service model, and vendor selection.
- Monitor updates to the Three-Year Plan
The Three-Year Plan may be updated with operational news, priorities or useful tools. The PA and provider check if there are directions related to cloud migration, digital service management, or security, and integral in the work plan.