DISA seeks metrics for cloud SLAs

When the Government Accountability Office issued a report calling for use of service level agreements for cloud computing contracts, it identified key practices to be included in an SLA, which, if properly implemented, could help agencies "ensure services are performed effectively, efficiently, and securely."

Now the Defense Information Systems Agency and the National Institute of Standards and Technology want suggestions from industry on standardized SLA metrics that should be included in a catalog that all federal agencies could use for commercial cloud contracts. Such voluntary metrics would also help agencies comply with GAO's 2016 guidance.

According to an Aug. 10 request for information, the working group identified 10 areas where SLA metrics are required: accessibility, availability, performance, service reliability, data management, attestations, certs, and audits, change management, cloud service support, governance and termination of service.

In addition to submitting a list of metric, responders are asked to describe the origin, scale and category for each metric; how it is calculated; what it includes; and any expected constraints.

Responses are due Sept. 10.