It's an iterative process, as cloud estate changes over time, so do cloud governance processes and policies. Cloud Governance spans across the five disciplines:
- Cost Management - Evaluate & Monitor costs, limit IT spend, scale to meet need, create cost accountability
- Security Baseline - Ensure compliance with IT Security requirements by applying a security baseline to all adoption efforts
- Resource Consistency- Ensure consistency in resource configuration. Ensure practices for onboarding, recovery, and discoverability
- Identity Baseline - Ensure the baseline for identity and access are enforces by consistently applying role definitions and assignments
- Deployment Acceleration - Accelerate deployment through centralization, consistency, and standardization across deployment templates
The following systematic approach can help you put together an initial governance foundation:
- Methodology: This helps establishing a basic understanding of the methodology to drive cloud governance in the Cloud Adoption Framework to begin thinking through the end state solution.
- Benchmark: Evaluation and assessment of your AS-IS and TO-BE state to establish a vision for applying the framework.
- Governance MVP: Provides initial foundation to your governance journey with a small, easily implemented set of governance tools.
- Extend and Improvise your Governance MVP: Iteratively enhance your Governance MVP by adding governance controls to address tangible risks as you progress toward the end state.
Reference - https://aka.ms/CAF/Gov