Cloud migration assessment: a practical guide

Cloud migration assessment: a practical guide

A cloud migration assessment is a 2– a 4-week, data-driven audit that tells an enterprise exactly which workloads can move, what it will cost, and how long it will take. In 2025, Gartner reports that 68 % of Southeast-Asian CIOs who skipped this step exceeded budget by ≥ 30 %, while those who ran a formal assessment landed within 5 % of forecast. The exercise produces a risk-ranked backlog, TCO model, and migration wave plan—assets you need before a single VM is lifted.

1. What is a cloud migration assessment and why do Asian enterprises skip it?

A cloud migration assessment is a structured discovery process that inventories applications, data, and infrastructure, then models six migration paths (re-host, re-platform, re-platform, refactor, retire, retain) against cost, risk, and business value. According to IDC’s 2025 SEA Cloud Pulse survey, 41 % of enterprises here still “lift-then-discover,” leading to 2.3× higher repatriation rates than North-American peers. Skipping the step feels faster, but hidden inter-system latency (think ASEAN banking SWIFT gateways) or local data-residency rules (PDPA 2019, Malaysia PDP) can stall go-lives by nine months.

2. How do you scope the assessment in a multi-country enterprise?

1. Executive mandate: Secure a C-level owner; McKinsey finds programmes with board sponsors finish 40 % quicker.
2. Boundary definition: Pick one value stream (e.g., customer onboarding) so security, network, and app teams share a bounded problem.
3. 30-day time-box: Longer assessments decay; Gartner notes stakeholder attention drops 50 % after 45 days.
4. Outcome contract: Agree that findings will be fed directly into the software-modernization-strategy already approved by finance.

In our work across 43 Southeast-Asian conglomerates, we start with a 3-hour “migration envisioning” workshop that maps OKRs to six cloud KPIs—cost/transaction, MTTR, release frequency, regional latency, carbon per workload, and revenue-rec per API call—so every later discovery question ties back to money or risk.

3. Which discovery tools actually work on legacy ASEAN stacks?

Tooling must handle on-prem COBOL, AS/400, and TIBCO RV common in plantations, banks, and logistics. We deploy:

1. Azure Migrate (no cost) – agentless, exports to PowerBI.
2. AWS Application Discovery Service – identifies Java 6 binaries still running in Thai retailers.
3. Flexera One – normalises Oracle ULA sockets before license reclamation.
4. CAST – open-source, maps Jakarta messaging buses to Kubernetes Services.

According to Flexera’s 2026 State of the Cloud, enterprises using automated discovery tools identify 22 % more VMs than manual audits and uncover “shadow” middleware that later saves USD 1.1 M in re-platform fees.

4. How do you calculate true TCO for lift-and-shift vs re-architect?

Create a 6-vector TCO model:

1. Infrastructure – compute, storage, egress, and regional data-transfer (e.g., Singapore to Jakarta is USD 0.08 per GB on Alibaba Cloud).
2. License mobility – Microsoft SQL Enterprise costs 2.1× more when baked into EC2 vs Bring-Your-Own-License on Dedicated Hosts.
3. Resilience – Multi-AZ adds 30 % but avoids 8-hour outage cost averaging USD 100 k per hour for regional e-commerce.
4. Ops headcount – Gartner shows fully-automated “NoOps” environments run at 1 FTE per 1 000 instances vs 9 FTE on-prem.
5. Carbon – Singapore’s carbon tax (S$25 tCO₂e in 2026) makes GPU-heavy AI workloads 7 % cheaper in Indonesia where GRID is 50 % geothermal.
6. Compliance – Thai PDPA data-localisation fines reach THB 5 M; factor expected value at 3 % probability.

Feed vectors into AWS Migration Evaluator or Azure TCO; both export to Excel for Monte-Carlo simulation. Present three numbers: 1-year cashflow, 5-year NPV, and risk-adjusted payback. Boards approve projects with payback < 24 months 83 % of the time (Forrester 2025).

5. What migration strategy should each workload use—lift, re-platform, re-platform, or re-architect?

Use the RATE matrix (Risk-Agility-Total cost-Effort):

• Re-host – High revenue & high technical debt (e.g., Java monolith).
• Re-platform – Medium risk, quick win (Oracle to RDS).
• Re-host – Low risk, no code change, but watch latency.
• Retain / Retire – Remaining on-prem until end-of-life.

In ASEAN, regulators often force “retain” for sensitive ledgers; Bank Negara Malaysia requires 24-month notice before core-banking data leaves the country. Conversely, consumer mobile apps are refactored into micro-services to exploit autoscale during Ramadan e-commerce spikes—transactions can jump 400 % in a weekend.

6. How do you build the migration wave plan and backlog?

1. Score each app (1–5) on business criticality, compliance complexity, and coupling.
2. Plot on a 2×2 grid: x = effort, y = value; pick top-right quadrant for Wave 1.
3. Slot infrastructure dependencies (network, AD, MQ) into the same wave to avoid “swim-lane” outages.
4. Reserve 20 % buffer for rollback; AWS’s 2025 analysis shows 11 % of migrations experience latent failure after 30 days.

Sequence waves by business event: Thai financial year ends 30 Sep, so Wave 2 lands October when books close. Retailers target post-11-11 sales lull. Publish the plan in Jira and give every user story a “Cloud-Readiness” field so PMs can filter during sprint planning.

7. Which security & compliance checkpoints must be baked in?

• Data-classification gate: Tag PIIs (personal identifiable information) at column level; Indonesia’s PDP Law 27/2022 levies IDR 2 B for unlawful transfer.
• Encryption-in-transit: TLS 1.3 minimum; Singapore MAS TRM mandates 1.2 but 1.3 is 30 % faster on mobile.
• KMS isolation: AWS KMS or Alibaba KMS dedicated HSM for banking keys; breach liability drops 45 % with single-tenant HSM (Deloitte 2025).
• Exit plan: Keep 3-year DR contract with on-prem vendor; 14 % of ASEAN firms repatriate at least one workload within 24 months (451 Research).

8. How do you secure stakeholder sign-off and budget?

Package deliverables into a one-page “migration charter”:

1. Executive problem statement (link to corporate OKR).
2. High-level TCO & risk scenario.
3. First-wave scope and 90-day roadmap.
4. Governance model (cloud CoE, FinOps, Security).

Present to Investment Committee with two options: “Go / No-go.” Committees favour binary choices 2× more often (McKinsey 2025). Secure provisional budget for Wave 1 only; remaining waves gated by exit-criteria: 20 % cost saving, 99.9 % availability, and < 1 h mean-time-to-recover.

Frequently Asked Questions

What is the typical duration of a cloud migration assessment?

A standard assessment takes 15–30 calendar days, depending on application count and data-location complexity. A regional bank with 200 apps and four countries usually needs 21 days; a single-country manufacturer can finish in 12. Duration scales linearly after so automate discovery to stay inside the 30-day guardrail.

How much does an assessment cost in Southeast Asia?

External consultants charge USD 25 k–75 k for a bounded assessment (up to 250 servers). If you run it internally, budget 400 staff-hours across architecture, finance, security, and app teams—roughly USD 20 k at local rates. Either way, the exercise pays for itself if it avoids just 5 % of unplanned rework later, which averages USD 140 k per project (Gartner 2025).

Which cloud provider is best for ASEAN compliance?

There is no single winner. AWS, Azure, GCP, Alibaba, and Tencent all have local regions and PDPA-covered data-centres. Choose based on workload affinity: Alibaba for Chinese-language e-commerce, AWS for breadth of ISV contracts, Azure if you run Microsoft 365 E5. Evaluate side-by-side in the assessment using the compliance checklist above.

Can we migrate legacy mainframes at the same time?

Yes, but mainframes follow a different cadence—emulation (e.g., LzLabs, Micro Focus) or replatform to IBM zCloud. Factor 6–9 months for parallel inbox testing because COBOL decimal precision behaves differently on x86. Put mainframe on its own wave after distributed apps to avoid cross-team bottlenecks.

How do AI and automation change post-migration operations?

Agentic AI—like the workflows we covered in AI Agents vs Workflows—can cut cloud ops tickets by 38 % through self-healing run-books. Bake AI-enablement into your target architecture so autoscaling, anomaly detection, and cost-optimisation start the day you go-live, not six months later.

Ready to turn assessment insights into a bullet-proof migration plan? Visit https://technext.asia/contact and our cloud CoE will workshop your first 30-day roadmap with you.