Governance

Developing a workplace culture of enablement

Simply put, governance refers to the process of managing the development and deployment of data-driven applications in a consistent and controlled manner, ensuring that they adhere to organizational policies, standards, and regulations. This includes defining data requirements, ensuring data quality and security, establishing development processes, and managing the lifecycle of the applications. The goal of data application development governance is to maximize the value of data assets while minimizing risks and ensuring compliance.

Components for Effective Governance

26

Standardization

Ensure applications conform to the established governance model and adhere to conditions

Environments

Establishing development, testing and production environments for the appropriate life cycle of applications and their successful deployment.

Security

Establish security groups and protect against data loss and exposure of sensitive business data.

Licensing

Providing guidance that the right licensing models are chosen for balance of features and cost effectiveness.

Monitoring

Once implemented, effective monitoring is key to ensuring you stay out of the woods. Tools like Microsoft CoE are beneficial for this.

Questions about governance? Let's talk!

Our team of digital advisors are standing by

Our Experience Implementing Governance

    1. We begin by gaining an understanding of the governance maturity within the organization. This includes understanding established processes and guidebooks. What is the appetite for governance and understanding of its importance within the senior leadership team?
    2. Once we have governance buy-in, we identify the stakeholders and classify them into groups and roles, 
      •  Makers (citizen developers)
      •  IT professionals
      • Governance owners (who will monitor etc.)
    3. Next, we engage the key stakeholders on why governance is needed and the benefits it brings. We share the steps that are required to implementing governance and share stakeholder engagement that is necessary for success. 
    4. Tools and technology are selected and implemented to assist with the implementation and monitoring of governance. This could be a combination of out-of-box reporting available from within M365 up to selecting and implementing the CoE.
    5. Guidebooks/SOPs are created for makers to ensure they understand the steps required to develop and launch a new app. In our experience, items such as naming standards, branding guidelines, input validation, data connections to use/avoid are central to these documents.
    6. SOPs are created for governance owners (IT) to provide training on monitoring and compliance, including training on CoE. Training will vary depending on the familiarity, maturity and competency of IT governance group.
    7. Convverge provides ongoing support for the complete governance process as required. As an organization’s maturity increases, the necessity of Convverge input and leadership is lessened.
    8. Tools and technology are selected and implemented to assist with the implementation and monitoring of governance. This could be a combination of out-of-box reporting available from within M365 up to selecting and implementing the CoE.​
    9. Guidebooks/SOPs are created for makers to ensure they understand the steps required to develop and launch a new app. In our experience, items such as naming standards, branding guidelines, input validation, data connections to use/avoid are central to these documents.​
    10. SOPs are created for governance owners (IT) to provide training on monitoring and compliance, including training on CoE. Training will vary depending on the familiarity, maturity and competency of IT governance group.​
    11. Convverge provides ongoing support for the complete governance process as required. As an organization’s maturity increases, the necessity of Convverge input and leadership is lessened.

Governance on Power Platform

Power Platform is a suite of low-code development tools that allows teams to create custom applications, automate workflows, and analyze data. While Power Platform provides numerous benefits for organizations, it also introduces governance challenges that must be addressed to ensure that the platform is used in a controlled and secure manner. In this guide, we'll discuss the need for governance while using Power Platform and provide some best practices to help business leaders manage the platform effectively.

Screenshot 2023-02-14 100933

Why do it?

    • Data Security: Power Platform allows users to access and manipulate organizational data. The lack of governance can lead to data breaches and compliance issues, such as GDPR and CCPA.
    • Data Quality: Power Platform uses data from various sources. The lack of governance can lead to data inconsistencies and quality issues.
    • Cost: Power Platform is a powerful tool and may lead to excessive usage resulting in additional costs.
    • User Adoption: Lack of governance may lead to user confusion and lower adoption rates.
    • Consistency: Governance can help in maintaining consistency in the use of the platform.

Best Practices

    1. Establish a Center of Excellence: A Center of Excellence (CoE) can act as a centralized team to manage Power Platform usage. The CoE can establish governance policies, provide training, and oversee the development of apps.
    2. Define Roles and Permissions: Define clear roles and responsibilities for Power Platform usage. Assign permissions based on the user's role and job function.
    3. Data Management: Establish data management policies that include data classification, data retention, and data access controls. Ensure data protection and privacy.
    4. Application Lifecycle Management: Establish policies for the lifecycle management of applications. This includes development, testing, deployment, and retirement.
    5. Training and Support: Provide training and support to users. Encourage the use of templates and standardized approaches.
    6. Cost Management: Establish policies to manage costs, such as creating usage reports, setting usage limits, and monitoring licensing costs.
    7. Auditing and Monitoring: Establish auditing and monitoring policies to ensure compliance with organizational policies, regulations, and standards.

Our Learnings

    1. Establishing framework and guidelines at the onset mitigates exposure and reduces risk to the organization.
    2. Early engagement with IT is not only beneficial but critical for effective governance.
    3. When the focus is on the application only  - with little or no governance model – there often ends up being significant rework efforts as Power Platform momentum grows within the business.
    4. Use tools that are available to assist with monitoring and compliance. Often the good stuff is left on the shelf.
    5. Citizen Development is the way of the future. It is easier to govern and support than it is to deny and block.
    6. By ensuring the proper guard rails and policies are in place at the onset, IT professionals and makers will have more confidence in developing and delivering projects that consistently drive business value.

Questions about governance? Let's talk!

Our team of digital advisors are standing by

Governance & Fusion Development

Fusion development is becoming increasingly popular as organizations seek to modernize their application development processes and deliver custom applications faster. Low-code and no-code platforms such as Microsoft Power Platform, Mendix, and OutSystems are commonly used in fusion development, alongside traditional programming languages such as Java, .NET, and JavaScript.

What is Microsoft's Center of Excellence?

Microsoft's Center of Excellence (CoE) is a program that helps organizations build and scale internal capabilities for implementing and managing Microsoft technologies effectively. The CoE provides a framework for organizations to establish best practices and standards for using Microsoft technologies such as Azure, Dynamics 365, Power Platform, and others.

      • CoE is a starter system to build a governance model and keep IT in the loop. ​
      • Designed to protect against Power Platform development from spiralling when too many users (citizen developers) start creating solution.​
      • Best way to oversee security, ongoing development, inventory of solutions with adherences to the organizations governance model. ​
      • Helps to keep Power Platform clean with visibility into applications and workflows that are no longer used.
      • Clearly see areas of the business that are benefiting and which ones can use some help.​
      • Assists with accelerating adoption of citizen development within the organization.

Our Approach to Implementing COE

      • Engage all the key stakeholders to start planning the governance model
      • Ensure IT Team and development teams understand the benefits and necessity of the CoE tool. 
      • Establish a separate environment specific to CoE.
      • Work directly with the IT Team to install the tool. Provide training how to utilize its full potential. Develop a guidebook and SOPs.
      • With installation complete, finalize the governance plan and ensure appropriate data loss prevention policies are in place.
      • Identify apps in the organization that are compliant (and not).
      • Finalize best practices and ensure makers are engaged and willing to conform.
      • Monitor and support

Governance is critical for the effective use of Power Platform. It can help organizations manage the platform securely, consistently, and cost-effectively. It can also help organizations in achieving a higher user adoption rate, increasing efficiency, and enhancing the overall performance of the platform. By following the best practices mentioned in this guide, business leaders can establish a comprehensive governance strategy that maximizes the benefits of Power Platform.

Questions about establishing governance for your business? Let's talk!

Our team of digital advisors are standing by