Improve your initial cloud governance foundation

This article assumes that you have established an initial cloud governance foundation. As your cloud adoption plan is implemented, tangible risks will emerge from the proposed approaches by which teams want to adopt the cloud. As these risks surface in release planning conversations, use the following grid to quickly identify a few best practices for getting ahead of the adoption plan to prevent risks from becoming real threats.

Maturity vectors

At any time, the following best practices can be applied to the initial governance foundation to address the risk or need mentioned in the following table.


Resource organization can affect how these best practices are applied. It's important to start with the recommendations that best align with the initial cloud governance foundation you implemented in the previous step.

Risk/need Standard enterprise Complex enterprise
Sensitive data in the cloud Discipline improvement Discipline improvement
Mission-critical applications in the cloud Discipline improvement Discipline improvement
Cloud cost management Discipline improvement Discipline improvement
Multicloud Discipline improvement Discipline improvement
Complex/legacy identity management N/A Discipline improvement
Multiple layers of governance N/A Discipline improvement

Next steps

In addition to the application of best practices, the Govern methodology of the Cloud Adoption Framework can be customized to fit unique business constraints. After following the applicable recommendations, evaluate corporate policy to understand additional customization requirements.