Hi
@ChristinePadilla,
In my experience there are many criteria that organisations use to sanction apps. To note, not all organisations use all of these
- Security and Compliance
I.e. whether the app is on the security and compliance list here (
https://docs.microsoft.com/en-us/microsoft-365-app-certification/teams/teams-apps)
I.e. whether the app solves issues with shadow IT
I.e. whether the app adheres to compliance regalations (I.e. GDPR, Data Residency and Privacy)
- Cost
I.e. whether the app replaces a paid alternative
I.e. what the app costs if it involves licencing or creation
I.e. will users need to be trained?
I.e. if the app needs third party support or development is this charged?
- Productivity
I.e. what productivity gains are expected in terms of implementing the app
I.e. what time savings can users expect in using the app?
I.e. can the productivity gains be assessed
I.e. can the app be used in existing business processes or do these need to be rewritten
I.e. can the app be used in mobile as well as the web client?
I.e. even if the app is deployed will users really use it and not use alternatives?
- Applicability and Reliability
I.e. can the app be tested?
I.e. is the app supported?
I.e. is the app expected to change over time for changing business needs?
I.e. can the app be expanded or changed if needed?
I.e. if the app needs third party support are they reliable?
I.e. is there ways of measuring how the app is used?
I.e. what is the process for raising and resolving bugs?
I.e. what is the process for raising issues with an outage?
I.e. does the app have an SLA?
I.e. where is the data in the app stored?
This is not a complete list. However, as you can see, there are many decisions and real thought which needs to go into adding the app. If the decision making process was mature there would usually be an RFC process around this, a streamlined way for applying to add an app and a period of testing to verify its positive output in the business.
It may be worthwhile to take a look at the service adoption specialist course which can be taken for free
https://www.edx.org/course/microsoft-service-adoption-specialist-2This could be applied to apps, because the implementation of apps is not just on the decision making criteria of the app, it is also about things like stakeholders, getting business and user buy in, communicating to the organisation what is taking place and setting goals in the adoption of the application.
Connectors would be a similar process - and with connectors I am sure you are familiar with considerations such as what accounts would you use for the connector (I.e. in the case of Twitter), are they controlled, are the identies secured.
Hope that gives you some insights and helps to answer your question!
Best, Chris