Kyndryl sovereignty services to enable better visibility and control across IT environments

“Sovereignty readiness is therefore not just a compliance exercise. It is about maintaining operational control, reducing disruption risk, and supporting business continuity as conditions change,” says Minh Tran Duc, Cloud & Data Practice Leader, Kyndryl ASEAN & Korea at Kyndryl.

One of the biggest challenges organizations are facing today is having visibility and control across their IT environments. With more organizations deploying AI use cases and employees using AI tools without proper guard rails in place, businesses are struggling to keep up with managing them.

At the same time, regulatory requirements are pressuring companies to have sufficient guard rails when using data for AI. According to the Kyndryl Readiness Report, 83% of business leaders say sovereignty and repatriation considerations have grown more important in the past year. Geopolitical uncertainty, business continuity demands and increasing interdependencies across IT environments are driving these changes.

Given this scenario, Kyndryl unveiled Kyndryl Sovereignty Solutioning, a suite of advisory, implementation and managed services — including a new Sovereignty Readiness Assessment — designed to help organizations understand and manage dependencies as they seek greater choice, control and resilience across their IT environments.

Kyndryl Sovereignty Solutioning combines consulting, engineering and operational capabilities to help organizations design and implement sovereignty‑ready architectures across hybrid IT environments and operate under sovereignty constraints with appropriate controls and auditability.

The Sovereignty Readiness Assessment applies Kyndryl’s expertise in managing complex and evolving IT estates to evaluate the interconnectivity of technology, operations and data. Using a decision-oriented model that moves beyond static scores or vendor-specific approaches, the assessment identifies sovereignty gaps and operational dependencies. It then translates them into sequenced, practical options and a phased roadmap to guide an organization in making informed decisions across cloud and security as global requirements evolve.

Minh Tran Duc, Cloud & Data Practice Leader, Kyndryl ASEAN & Korea at Kyndryl explains to CRN Asia more about Kyndryl Sovereignty Solutioning and the Sovereignty Readiness Assessment and how businesses in the region can benefit from it.

Why is sovereignty readiness critical for organizations in Southeast Asia?

Sovereignty readiness matters because organizations in Southeast Asia operate across fragmented regulatory environments while running highly distributed IT systems. At its core, sovereignty is about giving organizations greater choice and control over their digital systems, not withdrawing from the global digital economy.

Data, workloads, and AI models often span multiple jurisdictions through cloud platforms and regional hubs. At the same time, national rules on data residency, access, and control continue to diverge across markets.

This creates an operational risk. If organizations cannot map where data sits, how it moves, who controls it, and how their technology and operations are connected, they lose the ability to respond quickly to regulatory change or disruption.

Sovereignty readiness is therefore not just a compliance exercise. It is about maintaining operational control, reducing disruption risk, and supporting business continuity as conditions change. This matters as sovereignty decisions cut across data, technology and operations – from where data resides, to how systems are architected, to how services are governed across markets.

Are businesses in the region aware of its importance and the consequences of not being prepared?

Awareness is rising, but most organizations are still not operationally ready.

Kyndryl’s Readiness Report shows that 83% of business leaders say sovereignty and repatriation have become more important in the past year. However, readiness remains uneven. In Singapore, only 24% of organizations report being fully prepared to manage future risks.

This gap shows that many organizations understand the issue at a strategic level but have not yet translated that awareness into operational resilience.

The consequences can be significant. Organizations may lose control over critical data, face disruption when regulations change, or respond too slowly to geopolitical and market shifts.

The risk increases as AI adoption grows. AI systems depend on continuous access to trusted data. Without clear governance, organizations face not only compliance exposure but also business interruption and loss of customer trust.

How is Kyndryl working with partners to run the readiness assessment?

Kyndryl focuses on decisions, not just diagnostics.

The Sovereignty Readiness Assessment evaluates data, operational and technical domains to identify risks such as data residency exposure and reliance on external control planes. It then turns these findings into practical options and a phased roadmap.

The model helps organizations understand trade-offs across cloud, security, and data strategies, rather than giving them a static score or vendor-anchored maturity model.

Kyndryl then works with hyperscalers and local providers to implement the right operating model. This can include in-country or hybrid architectures, encryption, access governance, in-region delivery, separation of control planes, and tested failover capabilities.

Is this offering part of Kyndryl Consult?

Yes. The assessment is advisory-led and closely aligned with Kyndryl Consult before extending into implementation and ongoing operations.

This matters because sovereignty decisions involve trade-offs across cost, performance, risk, and compliance. The wrong design choice can raise costs, constrain incident response, and slow market moves.

Kyndryl helps organizations assess these trade-offs early and align technical decisions with business outcomes.

Can the assessment help deal with shadow AI issues companies are facing?

Yes, but indirectly. It helps expose the conditions that allow shadow AI to emerge.

Shadow AI often develops when employees use AI tools without clear oversight of data access, usage, or governance. The assessment can identify where sensitive data and AI workloads lack sufficient visibility, auditability, or control.

With that foundation, organizations can bring unauthorized AI usage into a more resilient and governed framework. The assessment does not eliminate shadow AI on its own, but it helps organizations contain the risk and strengthen oversight.

Lastly, is there a need for continuous assessment, and how is Kyndryl dealing with it?

New cloud services, AI use cases, or regulatory requirements can alter an organization's exposure. That means sovereignty readiness must be maintained as an ongoing operational discipline.

Kyndryl supports this by extending beyond the initial assessment into ongoing operations. This includes in-region delivery teams, continuous monitoring, control enforcement, and transparent reporting to demonstrate compliance and resilience.

This reflects a broader market shift. Kyndryl data shows that 65% of organizations are adjusting their cloud strategies in response to geopolitical and regulatory pressures. As a result, organizations need to reassess how and where their data is stored, processed, and secured on a regular basis.