Cloud migration

The 5 R's
Migration
Strategy.

Every workload is different. The 5 R's framework ensures cloud migration decisions are intentional, defensible, and cost-effective — not just technically convenient. Each decision is risk-assessed, documented, and fully auditable.

workload-classifier.sh — 12 workloads assessed
Workload classification results
Email server (Exchange) Rehost
SQL database cluster Replatform
Customer portal (monolith) Refactor
Legacy CRM (unused) Retire
SCADA control system Retain
File server (shared drives) Rehost
Rehost
Replatform
Refactor
Retire
Retain

Five decisions. Every workload gets one.

Applying the 5 R's correctly ensures cloud migration is controlled, defensible, and aligned to governance expectations. Every classification is documented, risk-assessed, and auditable — giving clarity to stakeholders and confidence to auditors.

R
01 / 05
// "Lift and Shift"

Rehost

Move applications to the cloud with minimal or no architectural change. Typically used where speed is a priority, or where applications are stable but need to exit legacy infrastructure. We assess rehosting suitability carefully, ensuring security controls, identity, and network exposure are reconfigured appropriately in the cloud environment.

Time-sensitive migrations Stable, low-complexity workloads Interim cloud adoption
R
02 / 05
// "Lift, Tinker, and Shift"

Replatform

Targeted improvements without full redesign — such as moving to managed databases, updated runtimes, or cloud-native services. Balances risk reduction and operational improvement, often delivering better resilience, performance, and cost efficiency while maintaining controlled change throughout the migration.

Moderate optimisation needed Improved availability Reduced operational overhead
R
03 / 05
// "Re-architect"

Refactor

Redesign applications to fully leverage cloud-native architecture, scalability, and resilience. The most complex option — typically driven by long-term strategic goals, technical debt reduction, or performance requirements. We ensure refactoring decisions are justified, scoped, and governed to manage risk and cost throughout.

Business-critical systems Long-term cloud-first strategy Scalability requirements
R
04 / 05
// "Switch off"

Retire

Remove applications that are no longer required, duplicated, or delivering value. A critical but often overlooked step — we help identify systems that can be safely decommissioned, reducing attack surface, licensing costs, and operational complexity while ensuring data retention and compliance obligations are met.

Legacy or unused applications Duplicate systems Risk & cost reduction
R
05 / 05
// "Keep where it is"

Retain

Keep systems in place — either temporarily or long-term. Often driven by regulatory constraints, technical limitations, or cost considerations. We ensure retain decisions are explicit, documented, and reviewed, avoiding unmanaged risk or accidental legacy sprawl over time.

Compliance or data residency constraints Tightly coupled platforms Deferred migration scenarios

Our approach

How we apply the 5 R's

Classification isn't a spreadsheet exercise. Every decision is grounded in business risk, governance requirements, and long-term strategy.

Assess every workload

We review each system individually — its complexity, dependencies, risk profile, and business criticality — before assigning a classification.

Document every decision

Each classification is documented with the rationale, risk assessment, and governance approval — giving you a complete audit trail.

Align to strategy, not convenience

Decisions are driven by long-term business goals and risk appetite — not what's quickest or easiest for the migration team.

Not sure how to classify your workloads?

We can help you work through the 5 R's for your specific environment — assessing every workload, documenting every decision, and building a migration strategy that's defensible and audit-ready.

Contact Us