Making Cloud SLAs readily usable in the EU private sector
SLA Glossary of terms
Here's an SLA glossary of common terms to better understand service level agreements.
Cloud Service Provider Data
Class of data objects, specific to the operation of the cloud service, under the control of the cloud service provider. Cloud service provider data includes but is not limited to resource configuration and utilization information, cloud service specific virtual machine, storage and network resource allocations, overall data centre configuration and utilization, physical and virtual resource failure rates, operational costs and so on.
Data controller
The natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data.
Data Integrity
The property of protecting the accuracy and completeness of assets.
Data Intervenability
The capability of a cloud service provider to support the cloud service customer in facilitating exercise of data subjects’ rights. Note: Data subjects’ rights include without limitation access, rectification, erasure of the data subjects’ personal data. They also include the objection to processing of the personal data when it is not carried out in compliance with the applicable legal requirements.
Data processor
A natural or legal person, public authority, agency or any other body which processes Personal data on behalf of the Data controller.
Data protection
The employment of technical, organisational and legal measures in order to achieve the goals of data security (confidentiality, integrity and availability), transparency, intervenability and portability, as well as compliance with the relevant legal framework.
Data Subject
An identified or identifiable natural person, being an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.
Disaster recovery
Ability of the ICT elements of an organization to support its critical business functions to an acceptable level within a predetermined period of time following a disruption.
Failure notification policy
Specifies the process by which cloud service customers can notify the cloud service provider that a service outage has been observed, the process by which the cloud service provider notifies cloud service customers that a service outage has occurred, the process for providing updates on service outages, who receives notifications and updates, the maximum time between the detection of a service outage and the issuance of a notice of service outage, the maximum time interval between service outage updates and how service outage updates are described.
Identity Assurance
The ability of a relying party to determine, with some level of certainty, that a claim to a particular identity made by some entity can be trusted to actually be the claimant's true, accurate and correct identity.
(Master) Cloud services agreement (MSA)
A legal document is the overarching part relating to the cloud service, that describes the terms agreed between the provider and the customer under which the cloud service is made available and used. The MSA has a number of synonyms such as "Customer Agreement", "Terms of Service" or simply "Agreement". The MSA references a number of subsidiary parts, such as the Cloud SLA, Security and Privacy Policies, the Acceptable User Policy, the Business Continuity Policy and the Service Description.
Metric
A standard of measurement that defines the conditions and the rules for performing the measurement and for understanding the results of a measurement.
Personal Data
Any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.
Personally identifiable information (PII)
Documented agreement between the service provider and customer that identifies services and service level objectives.
Remedy
Compensation available to the cloud service customer in the event the cloud service provider fails to meet a specified service level objective.
Resilience
Ability of a cloud service to recover operational condition quickly after a fault occurs.
Service Level Agreement (SLA)
Documented agreement between the service provider and customer that identifies services and service level objectives.
Service Level Objective (SLO)
A specific, measurable characteristic of a cloud service for which the cloud service provider makes a commitment.
Vulnerability
A weakness of an asset or group of assets, e.g. software or hardware related, that can be exploited by one or more threats.
Cloud Service Provider Data
Class of data objects, specific to the operation of the cloud service, under the control of the cloud service provider. Cloud service provider data includes but is not limited to resource configuration and utilization information, cloud service specific virtual machine, storage and network resource allocations, overall data centre configuration and utilization, physical and virtual resource failure rates, operational costs and so on.