This form can be used to complete a more detailed review of cloud service provision. Many organisations are increasingly reliant on cloud services, and this form allows an overall review of what is held in the cloud, how reliable the cloud platform being used is and, ultimately, whether the level of risk after consideration of the controls in place is acceptable.
The form is 6 pages long with 6 sections;
1. Overview of cloud services provided
This section is used to provide an overview of cloud services (from a particular provider or for a particular cloud service) and includes a number of sections to formally review the cloud service provider, including a review of service level agreement / contractual arrangements and security. A rating of the cloud provider can be completed to determine an overall score for the provider based on consideration of;
- Likelihood that provider / service could cease trading or remove service
- Reliability / Performance rating of service provided
- Cost
- Security
- (any other ratings required)
2. Data and Applications with this Cloud Service (Review of Criticality)
This section includes a more detailed breakdown of the data and applications held with the cloud provider - essentially a review of criticality, covering data types, importance and dependencies as well as existing backup and archive arrangements.
3. Portability of Data and Applications with this Cloud Service
This section of the form is a review of portability and considers;
- Overview of transfer process including security of data in transit
- Technical and security considerations including rollback plans
- Legal, regulatory, compliance and data ownership considerations
- Exit terms / Costs / Notice period
4. Migration Plan
After completion of the first 3 sections of the form it may be that no further action is required. If risks and issues have been identified, the next section is for detailing the migration plan (cloud exit strategy). This is where details of the proposed new cloud provider(s) can be recorded, along with pre-transfer testing arrangements and consideration of risks, with a section for logging the consultation and approval of relevant persons who need to be consulted.
There is also a section where the actual arrangements for transfer can be recorded, including what is being transferred, responsibility, transition period and other arrangements.
5. Post Migration
The final section of the form includes post migration prompts and sections for comments;
- Return / Deletion or clean-up of any data
- Contract Termination
- Access controls updates
- Other Arrangements or updates to procedures required in response to new cloud environment
Note - if you have transferred to a new cloud provider, this form should then be completed again for the new provider!
Appendix i - Cloud Exit Risk Assessment
A full risk assessment covering all risks associated with the cloud provider and migration is included as an appendix at the end of the form, so that all risks, initial risk ratings, controls and residual risk ratings can be detailed and reviewed.