VALUE ARCHITECT PLAYBOOK

Cloud Readiness Assessment Playbook (AWS vs Azure vs GCP)

De-risk your roadmap. Stop speculating on infrastructure costs and start measuring readiness with a Principal-Grade framework designed for the Fortune 500. This is the definitive Phase 1 playbook for running a Cloud Readiness Assessment (CRA) that actually leads to a decision.

  • Time-to-Value: 6 Weeks (Discovery to Strategy)
  • Risk Mitigation: 92% Risks Mitigated (Governance & Security)
  • Artifact ROI: $1.2M+ Est. (Year 1 Optimization)

Who This Is For & What You Will Get

What CRA Phase 1 Is (And What It Is Not)

A Cloud Readiness Assessment (Phase 1) is a unified strategic exercise to determine if you should move, where you should move, and what it will cost. It is not an implementation project. It is a decision-making project.

It is:

It is NOT:

Strategic Advisory: The Missing "People" Pillar

Cloud transformations fail due to culture, not code. While Phase 1 is data-heavy, our expert panel mandates the inclusion of a Skills Readiness Assessment. You must evaluate whether your current team can manage the target state (e.g., IaC/Terraform) or whether a Cloud Center of Excellence (CCoE) needs to be recruited. Don't build a Ferrari if no one in the firm has a driver's license.

Inputs Needed (The “Don’t Waste Week 1–2” Checklist)

Before launching Week 1, ensure you have these inputs. Without them, you will spend the first sprint chasing permissions instead of data.

Example Scope Assumptions: Up to 7,350 VMs, 480 Databases, 275 Network Segments, 920 TB Storage.

Audit Note: Specialized workloads (SAP HANA, Mainframe/AS400, or legacy physical Solaris/AIX) require an additional 4-week deep-dive phase and are typically excluded from baseline TCO models.

| Input | Owner | When Needed | Why It Matters |
|---|---|---|---|
| CMDB / Asset Inventory | IT Ops | Week 0 | Baseline for discovery agent deployment. |
| Firewall Rules / Network Map | Network Team | Week 1 | Critical for dependency mapping and segmentation planning. |
| VMware vCenter/Hyper-V Read Access | Infra Lead | Week 1 | Required for automated discovery tooling (e.g., Azure Migrate, RVTools). |
| Current Contract Data (EA/EDP) | Procurement | Week 2 | Essential for accurate TCO baselining and software assurance benefits. |
| Application List (Business Critical) | App Owners | Week 2 | Identifies the "Crown Jewels" (e.g., MOL, RTA, Atex, AirTable). |

Delivery Flow (Timeline Mapped to Phases)

This 11-week schedule assumes a "Sprint zero" approach where tooling is prepped immediately.

[Diagram: delivery flow with the stages Source Env, Discovery Agents, Inventory Data, Dependency Map, Analysis Layer (TCO & Scoring).]

The CRA Architecture Vision (Sovereign Stack)

A high-fidelity 3D representation of Lifecycle Alignment.

Phase B: Business Architecture

Global Cloud Operating Model

Executive alignment on ROI, RACI structures, and Financial Governance (FinOps).

Phase C: Application Architecture

Service-Oriented Modernization

Dependency mapping and PaaS-first rationalization for 7,350+ VMs.

Phase D: Technology Architecture

Hub-Spoke Landing Zone

Automated Hub-Spoke fabric with Zero-Trust guardrails and BGP route management.

Service Journey Map: The Stakeholder Experience

What happens during the 11-week assessment? A multi-dimensional look at actions, tooling, and pain points.

| Timeline | Wk 1-2: Setup | Wk 3-5: Discovery | Wk 6-7: Selection | Wk 8-9: Financials | Wk 10-11: Final |
|---|---|---|---|---|---|
| App Owner Actions | Submit Inventory / RACI sign-off. | App Interviews / Dependency Review. | Attend evaluation workshops. | Validate TCO savings assumptions. | Executive present / Phase 2 Approval. |
| Discovery Tooling | RVTools / CSV Ingest. | Azure Migrate Agents. | Scoring Matrix v1. | TCO Engine Logic. | Final Exec Deck. |
| Key Friction | Access stall (Firewall). | Zombie VM ID. | Vendor bias tension. | Licensing complexity. | Path to Pilot Clear. |

| Phase | Weeks | Activities | Deliverables | Done Means |
|---|---|---|---|---|
| Phase 1: Strategy Assessment | Week 1–5 | Stakeholder interviews, maturity workshops, governance setup. | Project Plan, Comm Plan, Maturity Report. | Interviews complete; Maturity gaps identified. |
| Phase 2: Automated Discovery | Week 1–5 | Tooling deployment (collectors), data gathering, dependency mapping. | Discovery Report, App Dependency Map. | 100% of in-scope infra scanned; 30 days of performance data. |
| Phase 3: CSP Selection | Week 6–7 | Evaluation workshops, scoring criteria definition, detailed comparisons. | Evaluation Matrix, Scoring Report. | Vendor selected (or shortlist confirmed). |
| Phase 4: TCO Analysis | Week 8–9 | Current state vs. Future state modeling, migration cost estimation. | TCO Model (Excel/PBI), 3-Year Projection. | ROI and payback period calculated. |
| Phase 5: Strategy Report | Week 10–11 | | | |

Principal-Grade Deliverable Library (Phase 1)

The following toolkit represents the core "Strategic Assets" generated during a Phase 1 assessment. Each template is designed for executive presentation and technical rigor.

GOVERNANCE: Strategic Lifecycle Plan
11-week roadmap including board-level sign-off milestones and tooling procurement gates.
Templates: Project Plan, Comm Plan

TECHNICAL: Infra Discovery Report
Inventory summaries, modernization candidates, and zombie server analysis for baseline optimization.
Templates: Discovery Template

FINANCIAL: TCO & Evaluation Model
Excel-optimized data models for weighted vendor scoring and 3-year P&L impact projection.
Templates: Scoring Matrix, TCO Inputs

STRATEGY: Board-Ready Synthesis
Final strategy narrative and an 8-slide executive outline covering the 'Risk of Inaction'.
Templates: Full Report, Exec Slide Deck

Technical Advisory: PaaS-First Modernization

Our audit of 7,350 VMs shows that 30% of database workloads currently on IaaS are candidates for PaaS (Azure SQL MI / Amazon RDS). The TCO impact of removing OS patching and gaining built-in HA is often the difference between a 2-year and 4-year ROI.

| Criteria Category | Requirement | Weight | AWS | Azure | OCI |
|---|---|---|---|---|---|
| Technical | BYOL Support (Windows/SQL) | 10 | 4 | 5 | 5 |
| Commercial | EA/EDP Discounts | 9 | 3 | 5 | 3 |
| Pricing | Global Price Parity | 8 | 2 | 2 | 5 |
| Operational | Identity Stack (AD) | 8 | 4 | 5 | 3 |
| Innovation | GenAI / LLM Access | 7 | 5 | 5 | 4 |
| Ecosystem | PaaS Maturity (Managed DB/Containers) | 8 | 5 | 4 | |

TCO Approach (Assumptions & Drivers)

Your TCO model is only as good as its assumptions. Be explicit about what is in and out.

Included: Compute, Storage, Networking, Licensing (OS/DB), Migration Labor, Training.

Excluded: App refactoring costs (Phase 2), unplanned downtime costs, depreciation of legacy hardware (sunk cost).

[Chart: The Migration Bubble (Double Run Costs). Axes: Migration Timeline (Weeks) and Total Cost. Series: Current On-Prem, Cloud Target.]

Top 5 Cost Drivers (Sensitivity Analysis)

  1. Right-sizing Aggression: Are we lifting "As-Is" or optimizing to "Required"? (Scope: 7,350 VMs).
  2. Licensing Portability: Azure Hybrid Benefit / BYOL impact on SQL Server costs.
  3. Storage Tiering: Moving cold data (920 TB) to Archive tier vs. Hot tier.
  4. Reserved Instances: Commitment level (1-year vs. 3-year).
  5. Labor Rate: Internal staff vs. MSP managed services.

FinOps Advisory: Unit Economics

During Phase 1, move beyond "Total Monthly Bill." Establish Unit Economics—the cost to run a single editorial hub transaction (e.g., AirTable) or a single analytics query (RTA). This language resonates with the CFO more than raw VM pricing.

Interactive Readiness Assessment

Audit your organization across 8 critical dimensions.

Financial & Economic Readiness

Phase B: Business Arch
Do you have a defined "Tagging Taxonomy" enforced before resources are created?
Why it matters: Without forced tagging (Cost Center, App Owner), you cannot do chargeback. FinOps fails day 1.
Ref: CAF Tagging
Have you quantified "Unit Economics" (e.g., cost per transaction) vs just total spend?
Why it matters: Cloud is consumption-based. If you don't track unit cost, scaling the business means scaling waste.

Architecture & Technical Debt

Phase C/D: Tech Arch
Have we audited for "Non-x86" dependencies (Mainframe, AS/400, Solaris)?
Why it matters: These require specialized "bare metal" solutions in Azure/AWS and often break standard lift-and-shift timelines.
Is the "Landing Zone" design (Hub-Spoke) approved by InfoSec?
Why it matters: You cannot deploy apps securely without a pre-approved network foundation (Firewalls, VNET peering).

Data Strategy & Hygiene

Phase C: Data Arch
Is data classified (Public/Confidential/Restricted) before migration?
Why it matters: "Lift and Shift" of unclassified data creates a compliance nightmare. You can't apply DLP policies if you don't know what the data is.

Security & Compliance (Zero Trust)

Phase G: Risk
GDPR/Sovereignty: Are data residency boundaries defined for all workloads?
Why it matters: For UK/EU entities, moving data to a US region (even by accident) is a legal violation. Policy must enforce regions.
Ref: ICO GDPR
Is Identity (Entra ID) the new perimeter (MFA enforced)?
Why it matters: Firewalls aren't enough. In the cloud, Identity is the control plane. 99% of breaches are identity theft.
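
A pre-migration check for the guardrails named in this assessment (forced tagging, data classification, region boundaries), as an added example that is not part of the original playbook. The inventory rows are constructed, and the tag keys, CSV column names and region allow-list are assumptions to replace with your own.

```python
"""Pre-migration guardrail audit: required tags, classification, residency."""
import csv
import io

# Tag keys follow the page's examples (Cost Center, App Owner); the region
# allow-list is an assumption for a UK/EU entity, not a legal determination.
REQUIRED_TAGS = ("CostCenter", "AppOwner")
ALLOWED_REGIONS = {"uksouth", "ukwest", "westeurope", "northeurope"}

# Constructed sample inventory export (not real data).
SAMPLE_INVENTORY = """\
name,region,classification,tags
vm-editorial-01,uksouth,Confidential,CostCenter=4410;AppOwner=jsmith
vm-analytics-02,eastus,Restricted,CostCenter=4410;AppOwner=apatel
sql-archive-03,westeurope,,CostCenter=;AppOwner=mlee
vm-legacy-04,UKSouth,Public,costcenter=9001
"""

def parse_tags(raw):
    """Parse 'k=v;k=v' into a dict with lower-cased keys; empty values are dropped."""
    tags = {}
    for pair in filter(None, (p.strip() for p in raw.split(";"))):
        key, _, value = pair.partition("=")
        if value.strip():
            tags[key.strip().lower()] = value.strip()
    return tags

def audit(inventory_csv):
    """Return {resource_name: [finding, ...]} for every non-compliant row."""
    findings = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        issues = []
        tags = parse_tags(row["tags"])
        for required in REQUIRED_TAGS:
            if required.lower() not in tags:  # an empty value counts as missing
                issues.append(f"missing tag {required}")
        if row["region"].strip().lower() not in ALLOWED_REGIONS:
            issues.append(f"region {row['region']} outside residency boundary")
        if not row["classification"].strip():
            issues.append("unclassified data")
        if issues:
            findings[row["name"]] = issues
    return findings

if __name__ == "__main__":
    for name, issues in audit(SAMPLE_INVENTORY).items():
        print(f"{name}: {'; '.join(issues)}")
```

A report like this finds gaps in the existing estate; in the target cloud the same rules belong in deny-by-default policy so non-compliant resources cannot be created at all.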

Operational Readiness

Phase E: Opportunities
Do we have an automated patching strategy for cloud VMs?
Why it matters: You can't use on-prem GPO/SCCM seamlessly. You need Azure Update Manager or AWS Systems Manager.

User Experience (Latency/Perf)

Human-Centric Design
Have we tested "VDI Latency" for remote users?
Why it matters: For Azure Virtual Desktop or Citrix, latency > 150ms kills productivity. Don't guess; measure.

Governance & People

Phase G: Governance
Is there a functioning "Cloud Center of Excellence" (CCoE)?
Why it matters: A CCoE bridges the gap between traditional IT and Cloud DevOps. Without it, you get "Shadow IT".
Ref: CAF CCoE
Has the team been trained on Terraform/Bicep (IaC)?
Why it matters: Clicking in the portal is fine for POCs, but fatal for production. Infrastructure as Code is mandatory.

AI Readiness (GenAI/LLM)

NIST AI RMF
Data Hygiene: Is unstructured data (PDFs/Docs) clean enough for RAG ingestion?
Why it matters: "Garbage In, Garbage Out." RAG models hallucinate if fed duplicate, obsolete, or poorly formatted documents.
Compute: Have we reserved GPU capacity (H100/A100) or are we relying on spot instances?
Why it matters: High-end GPUs are scarce. Production AI cannot rely on "Spot" instances that can be evicted at any second.
Responsible AI: Is there a policy framework for AI Bias & Hallucination?
Why it matters: You are liable for your AI's output. Governance must exist before the first prompt is sent.
Ref: NIST AI RMF

Common Failure Points & Prevention

Deep Dives

1. Governance That Prevents Scope Drift

The number one killer of assessments is scope drift. A solid governance structure requires a standard Project Plan and Communication Plan established in Week 1. By defining the "Definition of Done" for each phase early, you prevent the "just one more scan" syndrome. Use the templates to set a rigorous cadence of SteerCo meetings (bi-weekly) and Working Group meetings (weekly) to keep decision-makers aligned.

Arch Advisory: The ExpressRoute/DirectConnect Limit

For large migrations, ignore bandwidth at your peril. Our audit warns that mapping 275 network segments requires careful BGP route limit planning (e.g., 1000 routes for ExpressRoute). Phase 1 must validate if your core routers can handle the cloud-native routing table.
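
One way to run the route-limit validation described above, as an added example that is not part of the original playbook: summarise the segment prefixes and compare the resulting route count to the limit. The prefixes are constructed; 1000 is the page's example figure and the 80% warning threshold is an assumption.

```python
"""Estimate how many BGP prefixes an on-prem estate would advertise to the cloud edge."""
import ipaddress

# 1000 is the page's example limit for ExpressRoute; confirm the current
# limit for your circuit and provider before relying on it.
ROUTE_LIMIT = 1000

def route_budget(segments, limit=ROUTE_LIMIT, headroom=0.8):
    """Summarise segments and compare the advertised route count to the limit.

    headroom is an assumed planning threshold: warn once usage passes 80%.
    """
    nets = [ipaddress.ip_network(s, strict=False) for s in segments]
    v4 = [n for n in nets if n.version == 4]
    v6 = [n for n in nets if n.version == 6]
    # collapse_addresses merges prefixes only when the summary covers exactly
    # the inputs, so no unowned address space ends up advertised. It needs a
    # single address family per call.
    summarised = list(ipaddress.collapse_addresses(v4))
    summarised += list(ipaddress.collapse_addresses(v6))
    used = len(summarised)
    if used > limit:
        status = "over-limit"
    elif used > limit * headroom:
        status = "warning"
    else:
        status = "ok"
    return {"raw": len(nets), "summarised": used, "limit": limit,
            "status": status, "routes": [str(n) for n in summarised]}

def constructed_estate():
    """Constructed sample: 275 segments, matching the page's scope assumption."""
    contiguous = [f"10.20.{i}.0/24" for i in range(256)]     # collapses to one /16
    scattered = [f"172.16.{i * 2}.0/24" for i in range(19)]  # non-adjacent, no merge
    return contiguous + scattered

if __name__ == "__main__":
    result = route_budget(constructed_estate())
    print(result["raw"], "segments ->", result["summarised"], "routes:", result["status"])
```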

[Diagram: hub-spoke topology with the nodes Central Hub (Firewall & NVA), Dev Spoke, Shared Svcs, Prod Spoke, and On-Prem DC.]

2. Workshops That Produce Usable Requirements

Don't just schedule "meetings." Schedule structured workshops with an agenda and a pre-defined question bank. Whether it's the "Security & Compliance" workshop or the "Application Rationalization" session, the goal is to extract constraints, not just wishlists. Your Requirements Summary should clearly distinguish between "Must Haves" (Regulatory/Security) and "Nice to Haves" (New features).

3. Discovery Done Right

Automated discovery is non-negotiable for an estate of 7,350 VMs. Tooling like Azure Migrate or standard third-party collectors must be deployed to cover 100% of the in-scope environment. The Discovery Report isn't just a list of servers; it's a map of dependencies. It must answer: "If I move Server A, does Server B break?" Good data mapping ensures migration waves are defined by application affinity, not just subnet convenience.

4. Cloud Evaluation Matrix

Vendor bias destroys credibility. The Evaluation Matrix must be objective. If you prefer Azure because of "teams familiarity," document that as an "Operational Readiness" score, not a magical technical advantage. Use weighted scoring (1-10) to prioritize what matters most (e.g., specific database PaaS support might outweigh minor compute cost differences).

5. TCO + 1-Year Projection

A TCO model is a forecast, not a bill. To handle uncertainty, present a range: "Conservative," "Likely," and "Aggressive." Your TCO Model should clearly show the impact of cost optimization levers like Reserved Instances (RIs) and Hybrid Benefits. Always include a 1-year projection that accounts for the "migration bubble" (paying for both on-prem and cloud during the transition).

Executive Decision Summary (The "One-Pager")

Executives don't read 100-page reports. They read the Executive Summary. Structure it for a decision:

Decision Summary: Cloud Readiness Recommendation

  • Recommendation: Proceed with [Selected Cloud] as the primary landing zone.
  • Top 5 Reasons:
    1. Lowest 3-year TCO (saving ~18% vs. current).
    2. Best fit for existing Microsoft licensing (Azure Hybrid Benefit).
    3. Highest security maturity score for our regulated data.
    4. Native support for critical VDI workloads.
    5. Team skills align closest (lowest training gap).
  • Trade-offs: [Selected Cloud] has weaker [Specific Feature] compared to [Competitor], but impact is low.
  • Cost View: Estimated migration cost: $X. Annual Cloud Run Rate: $Y. Payback period: 18 months.
  • Risks: Legacy app latency requires network redesign.
  • Decision Needed: Approve Phase 2 (Foundation Build) budget by [Date].


The Decision Protocol: From Score to Strategy

01. The Rules of Thumb

Stop asking "Which cloud is best?" and start asking "Where is the gravity?".

Single Cloud (Default)

Unless you have a hard regulatory constraint or M&A reality, pick one. The cost of splitting skills (Terraform vs Bicep) outweighs "vendor lock-in" risk.

Hybrid (Reality)

Choose this when latency (manufacturing) or data residency (Mainframe) is a physics problem, not a preference.

Multi-Cloud (Advanced)

Only if you can identify a specific workload that fails on Azure but works on AWS. No named workload? No multi-cloud.

03. The Data

Make decisions based on inventory, not feelings.

Use the AWS Strategy Application Portfolio Assessment. It’s the gold standard for unbiased estate analysis.


Ready to operationalize your Azure journey?

This playbook outlines the "What" and the "Why." If you need help with the "How"—specifically automating the discovery and TCO modeling—reach out.
