Research Papers | Other Cloud Resources

The Asia Cloud Computing Association has been leading in research and thought leadership on the cloud computing and data industry since 2009. As a vendor-neutral industry association comprising leading cloud and data companies from Asia Pacific and the world, our research is independent, and made freely-available to the public. You are free to use data from our publications, but we request that you cite the ACCA and link back to us whenever you present or make use of this data.

2011The Cloud Map 2011

The Cloud is emerging at an incredible pace and keeping current on the key developments, influencers, trends and evolution is a must. The Cloud Map project is designed to bring you a few uncommon insights into various Cloud debates. Insights into government regulatory initiatives and how they're being influenced, security and privacy concerns and cloud delivery models to name a few.

We tap into the pulse of the debate across the Internet, the Twittersphere and the Blogosphere. We follow how the topic or issue is being discussed, who it involves, what is being said and who the main actors in the story are.
2011Cloud Readiness Index 2011

The Cloud Readiness Index has been prepared by the Asia Cloud Computing Association (The Association). The Index evaluates key attributes in order to identify the state of readiness for cloud computing in various markets across the Asia region. Additionally, it provides insight into how regulation and policy work by governments. It also assists companies and individuals in determining which markets are best placed for wide adoption of cloud computing services in Asia.
2012Cloud Assessment Tool (CAT) 2012

The Cloud Assessment Tool (CAT) was developed by the Asia Cloud Computing Association (ACCA). It was refined through extensive and in-depth discussions over a period of 2 years between members of the WG and by looking at relevant cloud and IT specifications.

The CAT defines the requirements placed on IaaS/PaaS solution providers to support stringent cloud applications. However, that perspective was subsequently extended to cover all application requirements. As such, its final realization has broad applicability.
2013The Impact of Data Sovereignty on Cloud Computing 2013

The Impact of Data Sovereignty on Cloud Computing offers detailed information describing the implications of data sovereignty law and policy on the adoption of cloud computing-based infrastructures and services in Asia. By describing and analyzing data sovereignty regulations in 14 countries in this study, the Association identifies potential bottlenecks that could slow adoption and threaten Asia’s digital future.

The study serves to identify the gaps between an “ideal state” and the actual realities in Asian countries around policy, legal and commercial cloud drivers to provide a tool for businesses organizations, cloud service providers and policy makers to look at cloud in a more holistic manner. It provides substantive detailed analysis for each of the 14 countries, including 4-5 page detailed insights into the regulatory environment for data sovereignty in each country and recommendations for each country to bring attention to the highest priority issues that if addressed will bring the country closer to the “ideal state.”
2014Report on Cloud Data Regulations 2014: A contribution on how to reduce the compliance costs of Cross-Border Data Transfers

The purpose of this paper is to contribute to, and help drive the formation of, policies concerning cloud computing in Asia. The paper addresses the increasing complexities surrounding the transfer of data between jurisdictions, and the problems this poses for operators, such as carriers, remittance service providers, social networks, Internet and e-commerce companies, offering legitimate cross-border data transfer services.

This paper builds on original research developed by the ACCA in 2013 as part of a broader and ongoing study on Data Sovereignty throughout the Asia Pacific. It argues that law makers and regulators should balance their efforts to protect personal data privacy and data in key sectors, such as banking and health services, with solutions that facilitate and therefore lower the cost of data transfers under all reasonable circumstances.
2018Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting the Use of Cloud by Financial Institutions in Asia

This report updates our 2015 research on the regulatory landscape impacting Cloud Services in APAC. It updates the current approaches governments and Regulators in nine selected APAC markets have taken towards cloud computing, and the environment these relevant policies and regulations have created for cloud adoption in the financial services sector.

Financial Regulators’ outsourcing guidelines have a key role to play in shaping this environment, and can determine the extent FSIs can benefit from cloud computing technology. As with the previous report, we provide an overview of the regulatory landscape in Part 1. of this report. We also review and elaborate on best practice examples of the ten key cloud outsourcing risk management requirements that must be addressed in order for an FSI to adopt Cloud Services: 1. Due Diligence Process for Cloud Adoption, 2. Review, Monitoring and Control, 3. Audit, 4. Confidentiality and Security, 5. Resilience, Business Continuity and Disaster Recovery, 6. Data Transfer and Location, 7. Data Use Limitations, 8. Data Segregation, 9. Cloud Contracts and Subcontracting, and 10. Exit and Termination. This is followed by Part 2. which summarises the relevant regulations in each market according to these requirements.
2015SMEs in Asia Pacific: The Market for Cloud Computing 2015 - Case Studies of 14 markets in APAC

Small and medium-sized enterprises represent well over 90% of all businesses in Asia, and across the 14 markets under review they employ some 1.02 billion people and contribute around $10.9 trillion directly into the economies in which are based (49.1% of total GDP for the region.) They also spend significantly as a group on ICT.

Cloud computing – and cloud computing technology – has the potential to be the ‘great leveller’ for both SMEs and developing economies. This is because cloud offers the prospect of both the access to enterprise grade tools on a pay-per-use basis making them immediately accessible and affordable, and the ability to scale up and down such access as required (elasticity of use). In other words, upfront capex requirements go down substantially.

What are their challenges to using cloud? How can this technology be made more available to SMEs, so that they can harness its power for digital transformation? This report reviews 14 markets' SME industry, and establishes market size, characteristics, and identifies industries most likely to undergo digital transformation.
2016Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply and Demand for Big Data Analytics in Asia Pacific

Data analytics is a fast-growing discipline and demand for data scientists and analytics professionals is soaring. This is clear from the wide usage of data analytics as a tool across verticals to speed up business growth and develop and maintain competitive advantages in companies.

This trend implies that demand for data analytics is greater than its current supply of analytics. In other words, the demand cannot be met by the services and skills currently offered by the market.

This white paper examines this trend. It compares the supply and demand of data analytics in Asia Pacific to identify current demand for and supply of data analytics. The paper focuses on analytics use in Asia Pacific, including barriers to increased data analytics use, and points towards where demand for the service will be tomorrow.
2016Asia's Financial Services: Ready for the Cloud - Regional Regulatory Update 2016

The Asia Cloud Computing Association (ACCA) released its report on cloud-relevant regulations in the Financial Services Industry in Mar 2015. The report compared regulations in 14 Asia Pacific markets, in nine specific areas: 1. Processes for adopting cloud, 2. Contracts for cloud Services, 3. Data location, 4. Data use limitations, 5. Security, 6. Data segregation, 7. Business continuity, 8. Audit, review and monitoring, 9. Exit. Since the report’s release in Mar 2015, it has been warmly received by many regional regulators, and used to inform many public consultations and public-private dialogue sessions. Following a number of key updates in the region, we have updated the ACCA’s summary assessment of all Asia Pacific economies against the five cloud regulation recommendations for the financial services sector. To date, a number of regulatory updates have taken place, as Asia Pacific’s financial regulators move to adjust and update their outsourcing and risk management policies to accommodate the added agility and innovation cloud computing technologies offer the financial industry.

This report captures these updates in summary form.
2017Towards Better Patient Outcomes and Staying Well: The Promise of Cloud Computing for the Healthcare Industry 2017

The healthcare industry is one which is often at the forefront of technology change. From hospital management to rural healthcare communities, from doctors and surgeons to pharmacists and lab technicians— there is often a tension between the urgent needs of the healthcare industry that compels rapid technology adoption, and a strict and heavily-regulated environment that defaults to caution when embracing new technology. Today, we see a healthcare industry that is moving towards the new paradigm of cloud computing with increasing optimism and trust.

How can the healthcare industry best deploy cloud computing to achieve better patient outcomes? What are the current opportunities to start a digital transformation in a healthcare institution? Where are the opportunities for the healthcare industry to leverage cloud technology, and move towards an ideal of preventing disease whenever we can, for prevention is preferable to cure? What other prospects does cloud computing hold for the healthcare sector?

This report will answer these questions by demonstrating the different innovative uses and deployment of cloud computing in six healthcare sub-verticals. These case studies show how technology and the healthcare industry can strengthen patient outcomes, and together, work towards the goal of staying healthy and well.
2018Regulating for a Digital Economy: Understanding the Importance of Cross-Border Data Flows in Asia 2018

Cross-border data access, usage, and exchange are essential to economic growth in the digital age. Every sector—including manufacturing, services, agriculture, and retail—relies on data and on the global flow of that data. Whether directly, or by indirectly taking advantage of global-scale data infrastructure such as cloud computing, global connectivity has enabled cross-border economic activity, allowing individuals, startups, and small businesses to participate in global markets. However, while the economic and trade opportunity from connectivity and data flows are significant, governments are increasingly introducing measures which restrict data flows—data localization measures.

This report reviews the various mechanisms by which governments are attempting to manage their digital economy. It covers the issues of data localization and data residency, clarifies cross-border data flow restrictions by developing a typology of data localization mechanisms like privacy, cybersecurity, law enforcement, digital protectionism, and levelling the playing field for businesses. Sponsored by the Asia Cloud Computing Association, this report was independently researched and published by the Brookings Institution and TRPC Pte Ltd.
2019From Vision to Procurement: Principles for Adopting Cloud Computing in the Public Sector 2019

Cloud computing is a scalable, cost-efficient and highly-secure solution to help the public sector transform their services and drive efficiencies. However, to effectively enable public sector cloud procurement, discussions need to advance beyond just cost and security. Appropriate procurement processes that provide clear guidance on how cloud can be procured are also critical.

This paper outlines seven principles distilled from conversations with government procurement officers, policymakers, and auditors where they have told the ACCA and its members what the essential elements are to enabling adoption of technology solutions in the public sector. The ACCA is delighted to present this white paper to help demystify cloud solutions and provide necessary guidance to procurement policymakers and public sector agencies that are evaluating cloud services.
2012Cloud Readiness Index 2012

The Cloud Readiness Index 2012 is the second iteration of this index. The CRI was designed to track the development of the necessary infrastructure and enabling environment for cloud computing across leading Asian economies. By mapping the conditions required for successful implementation, the Asia Cloud Computing Association (ACCA) aims to identify potential bottlenecks that could slow adoption and limit the ability of Asian economies to take advantage of the cloud computing future. The Index also serves to help identify critical gaps to be addressed in the form of policy, legal and commercial cloud drivers.
2014Cloud Readiness Index 2014

The 2014 edition of the Cloud Readiness Index (CRI) confirms a trend seen in our earlier CRI reports – the overall cloud awareness and readiness of Asia Pacific countries has improved across the region. Asia Pacific is one of the most dynamic geographies in the world today – data speeds have increased across the board, data centre connectivity options are growing as the Asia Pacific Gateway cable is completed, and regional broadband charges are among the lowest in the world.

The number of changes in 2013 that impact the cloud ecosystem illustrate Asia’s dynamism. Updates were made to Internet and data centre management legislation in Indonesia, India and Vietnam, while regulation surrounding personal data protection, user rights and cybercrime were enacted or tabled for discussion in Australia, Malaysia, the Philippines, Singapore, South Korea, Taiwan and Vietnam. Japan revealed a new national defence cyber security strategy, and Hong Kong and New Zealand are setting up new ministries to oversee the confluence in technology, innovation and business. China continues plugging its citizens in with their Broadband China project, to add 60 million broadband users and 100 million 3G users to their country’s tech footprint.
2016Cloud Readiness Index 2016

Asian countries top the new Cloud Readiness Index (CRI) 2016 released by the Asia Cloud Computing Association (ACCA). The CRI places Hong Kong, Singapore, New Zealand and Australia above markets such as Germany, the United Kingdom (UK) and the United States (US), showing that Asia economies are indeed leading the world in cloud readiness. This is also the first time that the 14-market Asia Pacific-focused study also includes a sample of six non-Asian markets for comparative analysis.

This year, by request, we made the Cloud Readiness Index 2016 available in both English and Japanese versions.
2018Cloud Readiness Index 2018

The Cloud Readiness Index (CRI) 2018 is the fifth iteration of the Asia Cloud Computing Association's (ACCA) flagship report. It measures 14 economies across Asia Pacific (APAC) on ten parameters to indicate how prepared they are in adopting cloud computing. CRI 2018 shows that Singapore tops the APAC region, closely followed by Hong Kong and New Zealand. It also reveals that on average, cloud infrastructure and regulation are the region's strong points, while cloud governance and security weigh it down. A new section is included this year to explore the different ways the CRI can move beyond readiness to measure the potential impact cloud technologies have on societies, including metrics on cloud adoption, application, and usage. This new dimension is aimed at helping government policymakers and policy support organisations such as the ACCA provide accurate insights and timely perspectives on technology trends.
2018Cross-Border Data Flows 2018: A Review of the Regulatory Enablers, Blockers, and Key Sectoral Opportunities in Five Asian Economies: India, Indonesia, Japan, the Philippines, and Vietnam

Access to data represents a huge potential in terms of potential economic growth and social enablement opportunities. It is not surprising then, that many governments are setting forth ‘digital economy’ agendas, including policy and regulatory frameworks, to ensure they maximize participation and opportunity. However, such a cross-cutting agenda is not without its challenges. Regulations put in place to enable or protect one part of the economy can damage growth in neighboring sectors or industries, often unintentionally. This research report takes an investigative look at the way five Asian economies—India, Indonesia, Japan, the Philippines, and Vietnam—are aggressively transitioning to more digitally enabled economies.
2014Endorsement of the Safe Cloud Principles for the Financial Services Industry 2014 by the Open Computing Alliance, by the Asia Cloud Computing Association

Cloud Computing is poised to transform how information technology is used by the Financial Services Industry (FSI). However, this transformation can only come about if the FSI has confidence that the use of Cloud Computing will not interfere with legal obligations and sound business practice.

This document has been created in partnership between Financial Institutions (FIs), Cloud Service Providers (CSP), Financial Regulators and industry bodies. It proposes Safe Cloud Principles in the form of a unified, condensed and clarified set of best practices to help FIs to focus on and navigate through the relevant regulatory issues when contemplating a move to the cloud. The Safe Cloud Principles cover key requirements such as confidentiality, availability and integrity and are derived from the very laws, regulations and guidelines with which FIs must comply.

The configuration of Cloud Services will vary greatly from CSP to CSP and not all solutions will be able to meet the Safe Cloud Principles. It is the FIs’ obligation to ensure that the Cloud Services they use are compliant. These Safe Cloud Principles will help the FSI to be better prepared, have a clearer understanding of the relevant requirements and to make the right decisions.
2015The Asia Pacific SME Cloud Computing Attractiveness Index 2015

This Index provides an evaluation of the attractiveness of cloud computing to small and medium enterprises (SMEs) by ranking the 14 Asia Pacific economies currently being covered by the Asia Cloud Computing Association. The Index consists of an evaluation according to five key criteria: 1) the size and attractiveness of the addressable market; 2) the capability and suitability of the economy as an early adopter of SME cloud based tools; 3) the existing and nascent demand drivers in the market; 4) the relative affordability of those tools in the economy; and 5) the levels of existing government and financing support for SMEs, IT programs, and cloud computing adoption.
2016Cloud Readiness Index (Japanese version) クラウド推進普及状況

Asian countries top the new Cloud Readiness Index (CRI) 2016 released by the Asia Cloud Computing Association (ACCA). The CRI places Hong Kong, Singapore, New Zealand and Australia above markets such as Germany, the United Kingdom (UK) and the United States (US), showing that Asia economies are indeed leading the world in cloud readiness. This is also the first time that the 14-market Asia Pacific-focused study also includes a sample of six non-Asian markets for comparative analysis.

This year, by request, we made the Cloud Readiness Index 2016 available in both English and Japanese versions.
20152015 Asia's Financial Services: Ready for the Cloud - A Report on FSI Regulations Impacting Cloud in Asia Pacific Markets

The ACCA developed this report with the primary purpose of equipping CSPs with an understanding of the current regulatory landscape in APAC, and their FSI customers’ key regulatory challenges to adopting Cloud Services. This report aims to help CSPs to develop and provide solutions to these challenges. In particular, this report:
1. provides CSPs with a database of issues and possible solutions to discuss with their FSI customers;
2. provides CSPs with recommendations as to how to comply with the current regulatory landscape; and
3. supports CSPs in their engagement with relevant governments and Regulators.

This report may also be used by Regulators and FSIs to understand the current regulatory landscape in APAC and the key opportunities and challenges to adopting Cloud Services.
2016Asia’s Financial Services: Ready for the Cloud -- Securities Regulations Impacting Cloud in Japan 2016 / アジアの金融サービス:クラウドセキュリティ規制への準備。日本への影響と2016年の最新動向。

The Asia Cloud Computing Association (ACCA) released its report on cloud-relevant regulations in the Financial Services Industry in Mar 2015. The report compared regulations in 14 Asia Pacific markets, in nine specific areas: 1. Processes for adopting cloud, 2. Contracts for cloud Services, 3. Data location, 4. Data use limitations, 5. Security, 6. Data segregation, 7. Business continuity, 8. Audit, review and monitoring, 9. Exit.

As our earlier report focused only on the banking sector, we found that there were sufficiently substantial differences in the regulations around the securities industry, which warranted a closer regulatory review. This section provides new research featuring regulation impacting the use of cloud by securities firms in Japan.
2020Cloud Readiness Index 2020
In its 6th iteration, the ACCA's CRI2020 finds itself in a world vastly different that the one we are used to. The Covid-19 pandemic has increased the visibility and importance that the internet and cloud computing tools play in all of our lives – not just in business and economics, but also in our private and interpersonal lives.

This year, the results of the CRI 2020 will hopefully provide an added dimension into the technological resilience of markets to weather the economic impact of the Covid-19 pandemic.

The Cloud Readiness Index (CRI) was developed by the Asia Cloud Computing Association (ACCA) in 2011, and has since become a definitive reference point to assess the readiness of Asia-Pacific (APAC) markets to adopt cloud computing technologies.