cancel
Showing results for 
Search instead for 
Did you mean: 
suparna-banerje

Detail Checklist to set up Power Platform Governance

Introduction

 

Power Platform enables the developers to build Apps, websites, Dashboards, Chatbots and automate processes while connecting to various internal and external data sources through 1000+ built-in connectors. It not only empowers the citizen developers to rapidly build applications boosted by AI powered guidance, also there is immense capability for the Pro developers to create custom connectors for any data sources, extend the platform to leverage the capability of other services like Azure or frontend technologies.

 

With this empowerment, it’s mandatory to set up proper governance and monitoring to ensure the security and proper management of the platform. Now the governance covers a really BIG area, starting from choosing the right tools, creating security and support models, setting up defined processes for user access, applications and license management and planning for enabling the developers and administrators. If you are at the beginning of your Power Platform adoption, you may feel overwhelmed with this, so a consolidated checklist will help you to understand the required tasks, plan accordingly and make sure that you are not missing anything.

 

This article walks you through the fundamental steps you need to follow to set up a full proof Governance Plan and getting yourself geared up to start your Power Platform Adoption journey.

 

Getting ready to setup Governance

 

Task

Guideline

Setup Center of Excellence Team

This team is responsible for Governance, Administration, monitoring. There can be one Central team for an organization, or multiple teams for different regions or divisions. Usually members of this team are assigned Power Platform Admin or Global Admin role.

Install COE Starter Kit

CoE Starter Kit is a collection of components and tools that are designed to help you get started with developing a strategy for adopting and supporting Microsoft Power Platform. Get it here

Analyze current Power Platform Inventory (if any)

You can use COE Starter Kit Power BI Dashboards to get an idea of current landscape of your Power Platform

 

Environment Strategy

 

Task

Guideline

Define Criteria for creating the environments

Based on Business Need, Region, Security etc.   (Ideally there should be Dev/QA/Prod for each set of environments)

Decide Administrators for each environment

 

Process to request new environment

Check if you can utilize COE Starter Kit Environment Management Process

Strategy for managing Teams Environments

Check if you can utilize COE Starter Kit Teams Governance Process

Set up capacity soft limit for each environment

Check if you can use COE Starter Kit Capacity Management Process

 

Data Loss Prevention Policies

 

Task

Guideline

Decide which connectors should be enabled for each environment

 How to create DLP Policies

Define default Connectors for newly created environments

 

Process to update existing DLP Policies safely without impacting end users

Check if you can use DLP Editor App of COE Starter Kit

Process to request a new connector to be part of Policy

Check if you utilize COE Starter Kit Environment and DLP Management Process

 

Security

 

Task

Guideline

Cross tenant isolation

 From Power Platform Admin Center, create tenant rules to allow or disallow the data flow to or from another tenant. Please see here for more details.

Conditional Access Policies

 If you want to pilot your Power Apps or Power Automate for a set of users only, you can set that up using Conditional Access Policy

Controlling Environment creation

 Not every licensed user should be allowed to create environment, restrict environment creation to Admins only from Power Platform Admin Center Settings

Security groups for each environment

 Decide whether you should use Security groups to control environment access, details here

Process for requesting user access into QA/Prod

 Define a process of requesting user access, you can create a custom application using Power Apps and Power Automate or use your existing ticketing system.

Strategy for managing guest user access

 If you don’t want guest users to access your tenant, you can control it through tenant settings. If you want to restrict only for Power Platform, this can be done using Conditional Access policies.

 

License Management

 

Task

Guideline

Decide the License requirement to kick start your Power Platform Adoption

This example gives you an comparative idea of which type of license to choose.

Define a process for the users to request new license

Check if you can use your existing Ticketing system for license requesting.

 

App and Flow Management

 

Task

Guideline

Define App Classification criteria to decide which environment they will go to.

This can be based on App Criticality or Business/Function areas . You can use the COE starter kit Maker Assessment tool as a reference.

Set up App Compliance Process

Please refer to COE Starter Kit App Compliance process

Set up Inactive App/Flow Management Process

Please refer to COE Starter Kit Inactivity Notification process

Set up orphaned App/Flow Management process

Please refer to COE Starter Kit Orphaned App Management Process

Define process for requesting new Enterprise App, promote an App to a different environment

Check if you can use your existing Ticketing system.

 

Application Lifecycle Management

 

Task

Guideline

Define your Application Lifecycle Management Strategy

Please refer to this Decision Tree for choosing the correct ALM option.

Step-by-step -Setup Azure DevOps Pipelines for Power Platform ALM

Step-by-step Setup GitHub workflows for Power Platform ALM

ALM Accelerator for Power Platform

Power Platform Pipelines

 

Monitoring and Analytics

 

Task

Guideline

Monitor your Platform in a regular basis to make sure nothing is going beyond as expected

You can use Out-of-the-box Analytics from Power Platform Admin Center. Turn on Tenant level Analytics to have an overall view

Leverage COE Starter Kit Power BI Dashboards

Auditing

You can get the Audit log data for Apps Create, Delete, Launch etc. from Microsoft Compliance Center Audit Log, view details here

Install COE Starter Kit Audit log component which is a wrapper on top of this.

 

Developer Guidance, Upskilling, Communication and Support Plan

 

Task

Guideline

Create Developer guideline document with standards and best practices. Set up training sessions if needed.

Empower your citizen developers with proper training and resources.

Create a website with all Power Platform quick reference materials

You can leverage Power Platform Hub template

Create a support model for supporting both developers and end users

Decide how will end users raise issues/queries , do you want to use a ticketing system? How will developers reach Administrators for any support needed?

Have a plan for Administrative tasks

You can use COE Starter Kit Administrative task component

Communication Plan

Define a strategy for communicating any announcement to the users

 

Comments

The truth is that this topic is very interesting.
It is something that everyone should configure before starting to use Power platform.

Anonymous

Thank you, Suparna!
I've just started a governance role in huge company without governance of Power Platform at all.

Your article helped me a lot to structure next steps!

Thank you Suparna, for this great article. Everything crisp, to the point. 

 

Keen to know do you have any thoughts on North Star Architecture in Power Platform as well, since that is the way Microsoft is recommending for landing zones which is pretty important for PP Governance.

This is the best Power Platform checklist I have seen so far. Well done. 

 

I recommend adding the NorthStar Environment governance approach as well. 

 

https://cloudblogs.microsoft.com/powerplatform/2022/02/18/north-star-architecture-and-landing-zones-...

 

This is a really useful list! Thanks!

Hi,

 

This is great summary of overall governance for initial adoption. Thank you for posting this.

 

I wonder if there is up to date version on Microsoft documentation site? Also, any presentation slides if you are aware of?

 

Thank you in advance

 

F

Thank you @suparna-banerje for sharing this really very useful.

Thanks,
Suresh