Goal: Organizations have a standard training curriculum that gives new users a starting point. All makers have undergone basic Power Automate training.
Indicators:
Leverage Microsoft's training resources and accredit knowledge gained through certification programs
Goal: Organizations document accepted priorities and concerns, initial draft to address foundational aspects of Power Automate are addressed. Strategy plan is defined with a bias towards a "CoE led - Business supported" model
Indicators:
High-level guidelines to address network, security and infrastructure concerns are defined
Stakeholder roles and responsibilities are defined (Business, CoE, Security, Compliance and Admin)
Goal: Strategic planning document is enriched such that organizational level security and governance level parameters are addressed.
Indicators:
Network provisioning parameters including VM compute, machine groups and VNET setup are defined
Credential/Access Management strategy is well defined - makers, administrators and CoE users and their corresponding roles and privileges are documented.
Security Controls and RBAC policies are documented
Data Encryption/Retention and Management strategy defined
Business continuity and Disaster recovery plan in place
Goal: Strategic planning document includes ideation around advanced reporting constructs, AI based automation strategy, process mining tools with a bias towards a "Business led - CoE supported" model
Indicators:
Detailed operational and functional level analytics including KYC, Machine management, ROI calculator, License Utilization, Common exceptions list, top makers are defined.
Goal: Strategic planning document is complete with necessitate revisions from time to time. Business and technology teams are aligned on strategy and corresponding investments.
Indicators:
Strategy to automate governance based manual processes - ALM, Machine Management, DLP, Access Management and License Management.
Design best practices shared amongst the Power Automate community.
Goal: Design is scoped to support a few bots in the production environment addressing basic automation needs within a department. Organization is still very early in its automation journey.
Indicators:
Design considerations around logging and credential management are still at a rudimentary stage.
Clear demarcation between (Dev/Test/Prod) is established at this point.
Practitioners have a clear understanding on when to use API versus UI from a design perspective.
Goal: Design is scoped towards supporting many bots for production usage needs for the organization. Organization is maturing in its automation journey.
Indicators:
Logging and credential management is well established from a design perspective.
Identity Security and Access Management tool integration to the infrastructure are well laid out.
Code Review standards are well defined.
Designing exception handling models using Try-Catch-Finally pattern
Consider storage technology that scales proportionally
Goal: Design is scoped towards supporting many bots across cross-functional teams for production usage - leveraging AI/ML, custom connectors and advanced error handling.
Indicators:
Design considerations around templatization of common patterns and practices is well established.
Establishing clear design strategies/blueprint on the usage of custom connectors is defined.
Designing application health probes to check availability of the critical part of the systems such as load balancers and traffic managers.
Goal: Design is at a matured state and addresses all architectural challenges from an infrastructure, security, and governance perspective in conformance to the overarching organizational guidelines.
Indicators:
Auto scaling capabilities - design thinking around use of machine groups based on process volume are well laid out.
Advanced auditing capabilities to support proactive monitoring is supported
Design considerations to handle transient faults in a cloud infrastructure
Goal: Initial pockets of success are realized from an implementation standpoint. CoE validates feasibility of the solution by building proof of concepts to support simple use case scenarios.
Indicators:
Practitioners build basic cloud and desktop flows to understand ground level functionality of the tool.
Testing is confined to a PoC level.
Monitoring is manual.
Implementation is confined to a generic development environment.
Goal: Implementation is targeted towards building many bots supporting cross-functional teams for production usage with a bias towards high level of resilience and reusability.
Indicators:
Custom connectors, API support (for in house applications) are built by pro-developers to facilitate citizen developers to build automation.
Reusable templates for both cloud and desktop flows are utilized.
ROI calculation is automated.
Processes are implemented leveraging AI Builder.
Parallel execution of workloads to improve throughput are implemented
Business Component Testing is well executed (validating other components, workload management, process branching, exception handling and performance measurement)
Goal: Scope of deployment is targeted towards supporting bots serving cross-functional teams for production usage with a bias towards optimization and efficiency.
Indicators:
Leverage Dataverse to build use case specific dashboards.
Add VM Insights solution to your Log Analytics workspace
Configure connectivity tests using Connection Monitor in Azure
Network deployment from a High Availability standpoint is complete - Azure availability zones, Azure disaster recovery implementation in place.
Monitoring/Reporting metrics (using Power BI/equivalent reporting tool) from a bot deployment perspective is in place (is real time)
Goal: Scope of deployment/management is at a mature state. Organization is well equipped to deploy and manage solutions efficiently ensuring a high degree of resilience.
Indicators:
Utilize Azure Monitor for monitoring workloads and resource utilization.
Detect anomalous behavior by setting alerts, visual logs and monitoring.
Log network traffic using NSG (Network Security Group) log flows using Azure Network Watcher
Goal: Security and Governance are targeted towards supporting bots serving cross-functional teams for production usage with a bias towards optimization and efficiency.
Indicators:
Proactive monitoring in place.
Implement Cross Tenant Block to restrict third-party tenant access.
Implement Granular End Point DLP definitions for connectors.
Ensure Compliance standards are met based on industry (for example, PCI DSS - Payment Card Industry Data Standard etc.
Goal: Security and Governance are at a mature state. Organization is well equipped to secure and govern solutions efficiently ensuring a high degree of resilience.
Indicators:
Implement Security Information Event Management (SIEM) to deliver intelligent security analytics and threat intelligence.
Establish an app discovery process to identify new app connections (using application security management tools like, Microsoft Cloud App Security Management).
Goal: Organization is expanding its automation footprint, whilst still evaluating feasibility from a scale perspective. Nurture is geared to support and promote makers who have a fair grasp of Power Automate.
Indicators:
Allocate Roles and responsibilities based on individual job functions
Automation Product Champions
Automation Makers
Automation CoE Team
Establish point of contacts and stream leads whose objective is to evangelize and support automation across the organization.
Goal: Organization ascertains Power Automate as a viable solution. The organization is maturing in its automation journey and with it comes many "learning moments". "Nurture" at this level is attuned to support growing pains typical to increasing maturity.
Indicators:
Beacons of automation support other citizen developers as they progress through a "try-fail-succeed" cycle.
Citizen developers stride towards promoting solutions to production, while being supported through each step by their peers.
