Skip to content
State-Owned Enterprises (BUMN) Sector

Corporate Cloud Foundation (AWS / Azure / GCP Essentials) for the State-Owned Enterprises (BUMN) Sector

State-owned enterprises (BUMN) adopt cloud under Perpres 95/2018 SPBE and SPI/BPK oversight. The cloud surface spans many subsidiaries with different needs (energy, telco, banking, infrastructure). Without a holding-level landing zone & FinOps, cloud costs cannot be reported to the AGM and security posture is uneven across entities. The Cloud Adoption Framework (AWS/Azure) provides a structure applicable across subsidiaries.

format
In-house / online / hybrid
duration
3–5 intensive days or 2–4 month phased program
participants
10–25 per cohort
language
Indonesian / English
State-Owned Enterprises (BUMN) Sector Focus

Why Corporate Cloud Foundation (AWS / Azure / GCP Essentials) is different in State-Owned Enterprises (BUMN)

State-owned enterprises (BUMN) adopt cloud under Perpres 95/2018 SPBE and SPI/BPK oversight. The cloud surface spans many subsidiaries with different needs (energy, telco, banking, infrastructure). Without a holding-level landing zone & FinOps, cloud costs cannot be reported to the AGM and security posture is uneven across entities. The Cloud Adoption Framework (AWS/Azure) provides a structure applicable across subsidiaries.

Sector KPIs
  • Landing zone & guardrail coverage across subsidiaries
    Nearly all entities under a uniform pattern
  • Holding FinOps discipline (tagged spend ratio)
    Nearly all cloud spend tagged
  • SPI/BPK findings related to cloud governance
    No material findings in the next period
Relevant regulations & standards
  • Perpres 95/2018 SPBE BUMN as public instruments
  • PER-2/MBU/03/2023 BUMN Governance
  • UU PDP No. 27/2022
  • Perpres 47/2023 National Cyber Security Strategy
  • CIS AWS / Azure / GCP Benchmarks
  • ISO/IEC 27001:2022 + ISO/IEC 27017 cloud service controls
Target roles in State-Owned Enterprises (BUMN)
  • Holding CIO / Group CTO
  • Director of HR & IT
  • Head of SPI
  • Head of IT Risk Governance Division
  • Head of Holding Cloud CoE
  • Holding FinOps Lead
Outcomes commonly requested in State-Owned Enterprises (BUMN)
  • Holding landing zone standardized across subsidiaries
  • Subsidiary CIO/CTO teams master each major vendor's Well-Architected framework
  • FinOps running with per-subsidiary cost dashboards reported to the holding
  • UU PDP and SPBE compliance documentation consistent across entities
  • No material SPI/BPK findings related to cloud governance
State-Owned Enterprises (BUMN)-specific questions
Can the program run as a holding-level initiative across subsidiaries?
Yes. A roadshow + recurring-program format covers key cities where subsidiaries operate, plus virtual sessions for remote entities. The holding receives training-coverage & cloud-posture dashboards across subsidiaries.
How does this align with AKHLAK and BUMN governance?
Behavioral components map to AKHLAK: 'Amanah' for citizen data & state spend, 'Kompeten' for cloud literacy, 'Loyal' for policy compliance. Governance components meet PER-2/MBU/03/2023 on IT risk management.
Does Neksus support BUMN procurement (RKAP, e-procurement)?
Yes. RKAP-friendly documents (NPWP, PPN invoices, domicile certificate), HPS, BUMN contract formats, and scheduling aligned to the annual budget cycle.

Quick Answer

Corporate Cloud Foundation training is an in-house program that equips technical teams with AWS, Azure, and GCP essentials — networking, identity, compute, storage, security, and cost — guided by AWS Well-Architected 6 pillars, the FinOps Framework, NIST SP 800-145, and CIS Benchmarks, so cloud adoption is fast, safe, and cost-disciplined.

Free Consultation

Guided by industry-recognized cloud frameworks

The material follows AWS Well-Architected (6 pillars), Azure Well-Architected, Google Cloud Architecture Framework, NIST SP 800-145 (the official cloud definition), CIS Benchmarks (hardening), FinOps Framework (cost), and Cloud Adoption Framework (landing zone) — the frameworks cloud vendors and independent auditors themselves reference.

Without FinOps, enterprise cloud spend escalates fast

Unmanaged cloud workloads typically carry 20–35% wasted spend (idle resources, over-provisioning, logs without lifecycle, suboptimal savings plans). The FinOps module establishes discipline that can be reported to the CFO before the board blocks new cloud investment.

Adoption pattern: disciplined single-cloud before multi-cloud

For most Indonesian enterprises, single-cloud executed with strong landing zones, FinOps, and Well-Architected is more sensible than premature multi-cloud. Multi-cloud becomes relevant only with strong reason (regulator residency, critical resilience, unique service combinations).

Cloud Foundation (AWS / Azure / GCP Essentials)

Corporate cloud foundation training is an in-house program that equips technical and operations teams with AWS, Microsoft Azure, and Google Cloud essentials — service models, networking, identity, storage, observability, security, and cost — mapped to AWS Well-Architected 6 pillars, Azure Well-Architected, Google Cloud Architecture Framework, NIST SP 800-145, CIS Benchmarks, and the FinOps Framework, with landing zone and guardrail practice aligned to the Cloud Adoption Framework.

1Designed via training needs analysis (TNA) by role: developer, ops/SRE, security, data, architect, technical executive
2Grounded in NIST SP 800-145 (IaaS/PaaS/SaaS + 5 essential characteristics) as the conceptual baseline
3Hands-on with major vendors: AWS (Well-Architected 6 pillars), Azure (Well-Architected + CAF Azure landing zone), GCP (Architecture Framework)
4Cost governance grounded in the FinOps Framework (3 phases: Inform, Optimize, Operate) — tagging, budgets, rightsizing, savings plans
5Baseline hardening per CIS Benchmarks AWS/Azure/GCP, with landing zone & guardrail labs (SCP / Azure Policy / Org Policy)
6Measured via Kirkpatrick (L1–L3); upgradable to Phillips ROI L5 when finance or risk requires monetary impact

Measurable Outcomes

Expected Outcomes

Indicators mapped to Kirkpatrick levels and Well-Architected pillars — qualitative targets, set jointly during TNA against your baseline.

Cloud concept mastery (Kirkpatrick L2 — Learning)
Most participants pass knowledge assessment on service models (IaaS/PaaS/SaaS per NIST 800-145), VPC/VNet networking, IAM, and storage tiers
Well-Architected practice (L3 — Behavior)
Participants complete a Well-Architected review on one internal workload across 6 pillars (Operational Excellence, Security, Reliability, Performance, Cost, Sustainability)
Baseline hardening (L3 — Behavior)
Baseline guardrails confirmed (root account protection, MFA, CIS Benchmarks baseline, encryption-at-rest enabled) on lab accounts
Cost discipline (FinOps Inform phase)
Tagging strategy, budgets, and per-team/product cost dashboards defined; participants can read cost & usage reports
Landing zone readiness (CAF)
Team has a draft landing zone (account/subscription/project structure, identity, network, logging) aligned to the Cloud Adoption Framework
Monetized ROI (Phillips L5 — optional)
Estimated savings from rightsizing, savings plans, and idle-resource elimination, with isolated training effect when finance requests numbers

Program Format

Program Format Options

Chosen by your cloud-adoption stage — finalized after TNA.

1

Cloud Essentials Bootcamp (3–5 days)

Intensive AWS/Azure/GCP essentials bootcamp: NIST 800-145 concepts, networking, IAM, compute, storage, observability, security & cost basics. Hands-on labs in sandbox accounts.

Best for: Teams new to cloud or expanding cloud adoption
2

Well-Architected Review Workshop

Consultative workshop: participants bring a real workload, facilitator guides a Well-Architected review across 6 pillars with prioritized recommendations as output.

Best for: Teams already running cloud and seeking maturity uplift
3

Landing Zone & Guardrail Design

Consultative session designing a landing zone (accounts/subscriptions structure, identity, hub-spoke network, logging, guardrails) aligned to the Cloud Adoption Framework.

Best for: Organizations pre-migration or standardizing multi-team cloud usage
4

Recurring FinOps Enablement

Recurring program (monthly/quarterly): reading cost & usage reports, rightsizing sessions, savings plan/commitments review, and a cross-team FinOps cadence.

Best for: Organizations with significant cloud spend needing sustained discipline

Free Consultation

Discuss your team's cloud adoption plan

Start with a free training needs analysis: we map vendors, roles, cloud adoption stage, and your regulatory obligations, then build a proposal and budget based on real needs.

Request Proposal

Curriculum

Curriculum Framework

Designed via ADDIE; final modules curated by target vendor (AWS / Azure / GCP), role, and maturity level from TNA. Topics below represent the full activatable coverage.

Comparison

Choosing Vendor & Training Format

Concise decision matrix — final recommendation set after training needs analysis.

AspectCloud Essentials BootcampWell-Architected Review WorkshopLanding Zone & Guardrail DesignRecurring FinOps Enablement
Primary goalBuild concept foundation + labsMature an existing workloadStandardize accounts & guardrailsCost discipline & accountability
Ideal participantsTeams new to / expanding cloudTeams already running, need reviewPre-migration or multi-teamCloud spend already significant
Typical duration3–5 intensive days2–3 day workshop1–2 week consultingMonthly / quarterly
Main outputConcept mastery + certificatePrioritized 6-pillar recommendationsLanding zone reference + guardrailsTagging, dashboard, FinOps cadence
Core framework usedNIST 800-145 + Well-Architected basicsFull Well-Architected 6 pillarsCloud Adoption Framework + CISFinOps Framework 3 phases

For Whom

Who This Program Is For

Designed by role because cloud adoption challenges differ across functions.

Application developers & engineers

Teams building services on cloud (web, API, mobile backend, data pipelines).

Common challenges

  • Unclear which compute to pick (VM vs container vs serverless) for real workloads
  • Not yet fluent with cloud-safe network, IAM, and secret management patterns
  • Costs balloon from idle resources, logs without lifecycle, and over-provisioned databases

Operations / SRE / Platform engineers

Teams running, monitoring, and securing the platform for all application teams.

Common challenges

  • Hard to standardize landing zones & guardrails across teams (each team rolls its own)
  • Fragmented observability: logs, metrics, traces not connected
  • Patching, scaling, disaster recovery lack consistent repeatable patterns

Security & Compliance

Teams ensuring cloud adoption aligns with regulations & internal controls.

Common challenges

  • Shared responsibility not yet mapped to internal controls (ISO 27001, POJK, UU PDP)
  • CIS Benchmarks not applied consistently across accounts/subscriptions/projects
  • Audit logs scattered across accounts and missing centralization for forensics / examinations

Architects & Tech Leads

Owners of system design and the patterns used by many teams.

Common challenges

  • No shared Well-Architected vocabulary for trade-off discussions
  • Hard to decide single vs multi-cloud appropriate for Indonesian context
  • 6 R's migration not yet used as a workload-by-workload decision framework

Technical executives (CIO / CTO / Head of Eng)

Owners of cloud investment decisions and cost accountability to the board.

Common challenges

  • Monthly cloud bills rise without per-team/product visibility
  • No FinOps discipline that can be reported to the CFO
  • Cloud adoption roadmap not yet built using the Cloud Adoption Framework

Industry Context

Industry Applications

One specific use case per industry, naming real workflows, regulations, and architecture patterns.

Banking & Financial Services

Bank cloud adoption with a landing zone meeting POJK 11/POJK.03/2022 (commercial bank IT risk management) and SEOJK 29/SEOJK.03/2022 (cyber security), including shared-responsibility documentation, customer data residency aligned with UU PDP, and exit-strategy readiness for the regulator.

See in Banking & Financial Services context →
Technology & Startups

Standardizing landing zone & FinOps across product teams at a fast-growing technology company — so cloud costs stay controlled, guardrails are uniform, and onboarding new teams is fast without lowering security posture.

See in Technology & Startups context →
State-Owned Enterprises (BUMN)

Holding-scale cloud foundation across subsidiaries with governance auditable by BPK/SPI, uniform landing zone, and consistent UU PDP compliance documentation across entities.

Manufacturing

Cloud foundation for manufacturing plants & corporate functions with production analytics, IoT/OT data lakes, and ERP integration needs — with FinOps discipline because IoT ingestion costs balloon quickly.

See in Manufacturing context →
Government & Public Sector

Cloud foundation for government agencies running SPBE with landing zones that consider citizen-data residency (UU PDP public sector), BSSN guidance, and SPBE Index audit readiness.

See in Government & Public Sector context →
Healthcare & Pharmaceuticals

Cloud foundation for hospitals & health networks with modern SIMRS, BPJS/insurance integration hubs, and clinical analytics — with patient data protected per UU PDP (specific personal data) and KARS accreditation readiness.

See in Healthcare & Pharmaceuticals context →

Delivery Method

Delivery

Format adapts to your technical team distribution; all formats are hands-on in cloud sandbox accounts.

On-site intensive & workshop

Facilitator comes to your office for a 3–5 day bootcamp; labs in cloud sandbox accounts, Well-Architected review of an internal workload, and landing zone exercises.

Live online + managed labs

Interactive classes via Zoom/Teams for distributed teams; labs run in AWS/Azure/GCP sandbox accounts provided by Neksus or your internal accounts.

Hybrid

On-site for consultative modules (Well-Architected review, landing zone design); online for concepts & labs — suits multi-location teams.

Scheduling fits your release & on-call calendar
Materials & labs localized to Indonesian context (nearest region, regulations, industry patterns)
Sandbox accounts with budget guardrails provided for labs; alternative is labs in your internal account with limited scope
Participation certificate for every attendee
Evaluation report & prioritized recommendations from Well-Architected review for technical leadership

Engagement Flow

Engagement Path

Follows ADDIE + Cloud Adoption Framework — qualitative durations, scaled to your size & target vendor.

1

Training Needs Analysis & Adoption Position

Mapping primary vendors, roles, cloud adoption stage (greenfield/migration/scale), critical workloads, regulatory obligations, and measurement baseline. Output: needs profile + lab scope.

Initial stage
2

Program Design by Role (ADDIE)

Drafting measurable learning objectives, role-based syllabi (dev/ops/security/architect/executive), lab scenarios, and framework map to Well-Architected, FinOps, CIS.

Pre-delivery
3

Cloud Essentials Bootcamp

Core 3–5 day session: NIST 800-145 foundations, networking, IAM, compute, storage, observability, security & cost basics. Hands-on labs in sandbox accounts.

Core week
4

Well-Architected Review of Internal Workload

Team brings a real workload; facilitator guides a 6-pillar review, producing prioritized recommendations the team can execute themselves.

Post-bootcamp
5

Landing Zone & Guardrail Roll-out

Consultative workshop designing landing zone (accounts/subscriptions/projects, identity, network, logging, guardrails via SCP/Azure Policy/Org Policy) aligned to CAF.

Rolling per team
6

FinOps Cadence & Recurring Evaluation

Monthly/quarterly cadence: per-team/product cost review, rightsizing, savings plans, and Kirkpatrick L1–L4 evaluation (Phillips L5 on request). Institutionalize cloud discipline.

Recurring & continuous

Case Studies

Typical Outcome Patterns

Illustrative patterns based on similar program structures — no named clients or promised numbers. FinOps and Well-Architected practices reference FinOps Foundation and AWS/Azure/GCP as industry sources.

Financial institution with engineering teams across many digital products

Intervention

Cloud essentials bootcamp by role + landing zone workshop per CAF + initial FinOps session

Result

Uniform landing zone in place, baseline CIS Benchmarks posture applied, and FinOps started reporting to the board

Fast-growing technology company with early multi-cloud presence

Intervention

Well-Architected review per workload + IaC paved-road + SaaS FinOps

Result

Uniform patterns across engineering teams, per-unit cost declined, and new team onboarding accelerated

BUMN holding with many subsidiaries at varying cloud adoption

Intervention

Subsidiary CIO/CTO bootcamp + holding landing zone + FinOps dashboards across entities

Result

Consistent cloud governance patterns across subsidiaries and cloud spend reported to the holding

Procurement Info

Information for Procurement & Vendor Management

What procurement, finance, legal, and information security teams need.

Legal entity

Indonesian PT under the Selestia ecosystem (Eduprima group); complete NPWP & legal documents; ready for PKS/contracts and vendor onboarding.

Proposal

Structured proposal: measurable learning objectives, role-based syllabus, framework map (NIST SP 800-145 / AWS-Azure-GCP Well-Architected / CIS Benchmarks / FinOps Framework / Cloud Adoption Framework / UU PDP / POJK if relevant), facilitator profile, schedule, and TNA-based cost detail.

Pricing model

TNA-based — flat per program, per session, per participant, tiered, or custom. No standard numbers without needs analysis; estimates issued after TNA is agreed.

Payment & tax

Flexible terms (DP + balance / per-batch installments); tax invoice (PPN) and PO documentation supported.

BUMN/government procurement

Familiar with BUMN/government procurement: vendor documentation, e-procurement / SPSE, HPS/offers, and compliance clauses.

Measurement

Kirkpatrick L1–L3 evaluation reports (attendance, knowledge assessment, lab & Well-Architected review behaviors); Phillips ROI L5 on finance/risk request (FinOps savings estimates).

Confidentiality & data security

NDA signing, confidentiality of participant data & internal workloads brought into Well-Architected reviews, and practices aligned with UU PDP and your internal security policy.

Material ownership

Scenarios, landing zone references, and reports built for your company are yours; usage rights of training materials are agreed in the contract.

FAQ

Frequently Asked Questions

Next Step

Discuss your team's cloud adoption plan

Start with a free training needs analysis: we map vendors, roles, cloud adoption stage, and your regulatory obligations, then build a proposal and budget based on real needs.

  • Training needs analysis at no cost — the natural first step
  • Proposal, role-based syllabus, and framework map (Well-Architected / FinOps / CAF / CIS) within a few business days
  • Labs in sandbox accounts with budget guardrails; internal workload review option
  • Procurement-ready documents (company profile, NPWP, NDA, PPN tax invoice)
Request Proposal & Free TNAFree Consultation

Explore More

Related Topics

Pelatihan Docker Dan KubernetesPelatihan Devsecops FoundationsPelatihan Mlops Production Ai EngineeringKeamanan Siber Kesadaran KaryawanTransformasi Digital Eksekutif

Corporate Cloud Foundation (AWS / Azure / GCP Essentials) training for your State-Owned Enterprises (BUMN) team

Start with a free training needs analysis: we map vendors, roles, cloud adoption stage, and your regulatory obligations, then build a proposal and budget based on real needs.

  • Training needs analysis at no cost — the natural first step
  • Proposal, role-based syllabus, and framework map (Well-Architected / FinOps / CAF / CIS) within a few business days
  • Labs in sandbox accounts with budget guardrails; internal workload review option
  • Procurement-ready documents (company profile, NPWP, NDA, PPN tax invoice)
PIC Contact (HR / L&D / Procurement)
Company
Training Need