Detail Checklist to set up Power Platform Governance
Introduction
Power Platform enables the developers to build Apps, websites, Dashboards, Chatbots and automate processes while connecting to various internal and external data sources through 1000+ built-in connectors. It not only empowers the citizen developers to rapidly build applications boosted by AI powered guidance, also there is immense capability for the Pro developers to create custom connectors for any data sources, extend the platform to leverage the capability of other services like Azure or frontend technologies.
With this empowerment, it’s mandatory to set up proper governance and monitoring to ensure the security and proper management of the platform. Now the governance covers a really BIG area, starting from choosing the right tools, creating security and support models, setting up defined processes for user access, applications and license management and planning for enabling the developers and administrators. If you are at the beginning of your Power Platform adoption, you may feel overwhelmed with this, so a consolidated checklist will help you to understand the required tasks, plan accordingly and make sure that you are not missing anything.
This article walks you through the fundamental steps you need to follow to set up a full proof Governance Plan and getting yourself geared up to start your Power Platform Adoption journey.
Getting ready to setup Governance
Task | Guideline |
Setup Center of Excellence Team | This team is responsible for Governance, Administration, monitoring. There can be one Central team for an organization, or multiple teams for different regions or divisions. Usually members of this team are assigned Power Platform Admin or Global Admin role. |
Install COE Starter Kit | CoE Starter Kit is a collection of components and tools that are designed to help you get started with developing a strategy for adopting and supporting Microsoft Power Platform. Get it here |
Analyze current Power Platform Inventory (if any) | You can use COE Starter Kit Power BI Dashboards to get an idea of current landscape of your Power Platform |
Environment Strategy
Task | Guideline |
Define Criteria for creating the environments | Based on Business Need, Region, Security etc. (Ideally there should be Dev/QA/Prod for each set of environments) |
Decide Administrators for each environment |
|
Process to request new environment | Check if you can utilize COE Starter Kit Environment Management Process |
Strategy for managing Teams Environments | Check if you can utilize COE Starter Kit Teams Governance Process |
Set up capacity soft limit for each environment | Check if you can use COE Starter Kit Capacity Management Process |
Data Loss Prevention Policies
Task | Guideline |
Decide which connectors should be enabled for each environment | |
Define default Connectors for newly created environments |
|
Process to update existing DLP Policies safely without impacting end users | |
Process to request a new connector to be part of Policy | Check if you utilize COE Starter Kit Environment and DLP Management Process |
Security
Task | Guideline |
Cross tenant isolation | From Power Platform Admin Center, create tenant rules to allow or disallow the data flow to or from another tenant. Please see here for more details. |
Conditional Access Policies | If you want to pilot your Power Apps or Power Automate for a set of users only, you can set that up using Conditional Access Policy |
Controlling Environment creation | Not every licensed user should be allowed to create environment, restrict environment creation to Admins only from Power Platform Admin Center Settings |
Security groups for each environment | Decide whether you should use Security groups to control environment access, details here |
Process for requesting user access into QA/Prod | Define a process of requesting user access, you can create a custom application using Power Apps and Power Automate or use your existing ticketing system. |
Strategy for managing guest user access | If you don’t want guest users to access your tenant, you can control it through tenant settings. If you want to restrict only for Power Platform, this can be done using Conditional Access policies. |
License Management
Task | Guideline |
Decide the License requirement to kick start your Power Platform Adoption | This example gives you an comparative idea of which type of license to choose. |
Define a process for the users to request new license | Check if you can use your existing Ticketing system for license requesting. |
App and Flow Management
Task | Guideline |
Define App Classification criteria to decide which environment they will go to. | This can be based on App Criticality or Business/Function areas . You can use the COE starter kit Maker Assessment tool as a reference. |
Set up App Compliance Process | Please refer to COE Starter Kit App Compliance process |
Set up Inactive App/Flow Management Process | Please refer to COE Starter Kit Inactivity Notification process |
Set up orphaned App/Flow Management process | Please refer to COE Starter Kit Orphaned App Management Process |
Define process for requesting new Enterprise App, promote an App to a different environment | Check if you can use your existing Ticketing system. |
Application Lifecycle Management
Task | Guideline |
Define your Application Lifecycle Management Strategy | Please refer to this Decision Tree for choosing the correct ALM option. |
Monitoring and Analytics
Task | Guideline |
Monitor your Platform in a regular basis to make sure nothing is going beyond as expected | You can use Out-of-the-box Analytics from Power Platform Admin Center. Turn on Tenant level Analytics to have an overall view |
Auditing | You can get the Audit log data for Apps Create, Delete, Launch etc. from Microsoft Compliance Center Audit Log, view details here |
Developer Guidance, Upskilling, Communication and Support Plan
Task | Guideline |
Create Developer guideline document with standards and best practices. Set up training sessions if needed. | Empower your citizen developers with proper training and resources. |
Create a website with all Power Platform quick reference materials | You can leverage Power Platform Hub template |
Create a support model for supporting both developers and end users | Decide how will end users raise issues/queries , do you want to use a ticketing system? How will developers reach Administrators for any support needed? |
Have a plan for Administrative tasks | You can use COE Starter Kit Administrative task component |
Communication Plan | Define a strategy for communicating any announcement to the users |
Comments
-
Detail Checklist to set up Power Platform Governance
Thank you @suparna-banerje for sharing this really very useful.
Thanks,
Suresh -
Detail Checklist to set up Power Platform Governance
Hi,
This is great summary of overall governance for initial adoption. Thank you for posting this.
I wonder if there is up to date version on Microsoft documentation site? Also, any presentation slides if you are aware of?
Thank you in advance
F
-
-
Detail Checklist to set up Power Platform Governance
This is the best Power Platform checklist I have seen so far. Well done.
I recommend adding the NorthStar Environment governance approach as well.
-
Detail Checklist to set up Power Platform Governance
Thank you Suparna, for this great article. Everything crisp, to the point.
Keen to know do you have any thoughts on North Star Architecture in Power Platform as well, since that is the way Microsoft is recommending for landing zones which is pretty important for PP Governance.
-
Detail Checklist to set up Power Platform Governance
Thank you, Suparna!
I've just started a governance role in huge company without governance of Power Platform at all.Your article helped me a lot to structure next steps!
-
Detail Checklist to set up Power Platform Governance
The truth is that this topic is very interesting.
It is something that everyone should configure before starting to use Power platform.
*This post is locked for comments