What are governance and compliance services?

Natasha Ong
This is some text inside of a div block.
4 min read

In a nutshell:

Governance = creating a plan for how an organisation operates
Compliance = making sure everyone sticks to the plan and follows the local laws.
In cloud computing, governance services involve creating rules, policies, and efficient resource management.
Compliance services include regulatory compliance, data protection, auditing, security best practices, and incident response.

What are governance and compliance services?

Let's take a step back: what do governance and compliance mean?

  • Governance is about setting rules and decisions to guide how an organisation operates. It's like creating a plan to keep everything organised and in control.
  • Compliance, on the other hand, means following those rules and making sure everyone sticks to the plan.

In cloud computing, governance and compliance services are tools that help organisations follow rules and keep everything in the cloud in order. But, you'll also notice that they mean much more. Here's an overview of what they do:

Governance services

Governance services go beyond just making rules. They also include practices for managing your cloud stuff well - making sure things are safe and efficient.

  • Policies: These services helps you set up rules about how we share things, who can do what, and how we use data. It's like having a set of guidelines that everyone must stick to.
  • Resource management: They help organise and share resources efficiently, optimising on usage on cost

Compliance services

Compliance services go beyond just following the rules. They also include being proactive about maintaining the highest standards of security and data protection.

  • Regulatory compliance: They help follow the data rules set by the government or specific industries.
  • Data protection: These services protect sensitive data.
  • Auditing and reporting: They check and keep records of what's happening.
  • Security best practices: They help you use the best security methods.
  • Incident response: They help handle and report security issues.

In reality, governance and compliance really go hand in hand. Cloud services offer a mix of these functionalities, and aren't solely governance or solely compliance services!

Are there any governance and compliance services in Azure?

There sure are! Let's have a quick peek:

We'll be learning about two key services - Microsoft Purview and Azure Policy. Both services contribute to governance and compliance, but focus on different areas. Microsoft Purview focuses on data management, while Azure Policy focuses on Azure resources.

We'll be diving deep into them in the next module. Here's a sneak peek:

Microsoft Purview

  • Microsoft Purview helps organisations keep their data safe and sound, no matter if it's on-premises, with another cloud provider or a SaaS platform.
  • It's also your trusty sidekick in dealing with pesky regulations and keeping data usage in check.

Azure Policy

  • Azure Policy is your very own rulebook for Azure resources. Using Policies, you are setting up rules around what users can and cannot do with Azure resources.
  • It ensures that your Azure resources behave under company and government standards