Protecting Your Atlassian Tools Ecosystem Investment (Part 1): The Need for Governance

The Atlassian Tools Ecosystem – The Backbone Of Your Enterprise

Jira has become one of the world’s most popular tools. This is partially because it is highly customizable and can easily integrate with a robust suite of Atlassian products, as well as external systems and applications, to create a powerful and dynamic ecosystem which can be used to support every facet of a company’s operations. Technical and non-technical teams and senior leadership around the world, in every line of business and industry imaginable, use the Atlassian Tools Ecosystem. Companies see the value and continue to invest large amounts of money in their Atlassian Tool Stack.

In this 5 part series we’ll explore multiple ways in which companies can optimize the benefit from this platform and protect their investments in these technologies.

Introducing Governance to Your Ecosystem

Most companies spend considerable resources on cybersecurity and disaster recovery initiatives, but fall short when it comes to protecting their Atlassian ecosystems’ framework and configurations. Yet, that is an area where strong governance may, in fact, be more crucial.

Cybersecurity and disaster recovery are designed to protect the organization from an adverse external event (e.g., getting hacked or a system crashes). However, these do not account for potential internal threats to the stability of your company’s system: What happens if a configuration change made by one of our tool administrators breaks our ecosystem because they do not understand one of the many other tools that is integrated with Jira? What happens if your administrators leave the company?

There are numerous internal scenarios that can adversely impact the stability of your system. It is here where governance really fits into the picture. It can mitigate the risk and help you protect your company’s investments.

A robust governance framework is critical for ensuring that the Atlassian Tools Ecosystem, with its integrations, configurations and best practices, is protected. It enables your company to:

• Mitigate risk and maintain compliance
• Ensure data integrity and improve data quality
• Set, maintain, and educate on standards and best practices
• Evaluate the impact and manage changes to the Atlassian tools ecosystem
• Maintain the health and long-term continuity of the Atlassian tools ecosystem
• Protect the company investment in the Atlassian tools ecosystem

Ultimately, implementing a governance framework allows you to protect and effectively utilize your Atlassian Tools Ecosystem. You can then support your ongoing governance needs remotely with your Atlassian tools.

The Governance Model

Robust governance is composed of three pillars founded upon very strong policies to support and protect the Atlassian tools framework and configurations. These three key pillars are the Governance Committee, Processes and Procedures, and Training Programs and Enablement. Each of these pillars plays a key role in maintaining the long-term health of the ecosystem.

Before we examine the pillars, let us take a moment to talk about the Governance Policies upon which each of these pillars is anchored. In most instances, companies start their Atlassian ecosystem with just one tool being used by just one team. In this case, there is little to no thought put into configuration documentations, governance policies, processes or procedures. Usually, it is not until there is greater adoption across the company and larger impact to the technology ecosystem before governance is considered, and often this follows a significant clean-up and standardization effort.

Governance policies

Governance policies are tremendously important and lay the foundation upon which all pillars of governance and your Atlassian Tools Ecosystem is anchored. These are the documents that explain the configurations of your system and the guardrails for usage and changes. The Atlassian Tools Ecosystem Governance documents should include information on:

• Access management strategy and policy (groups and roles, coarse grained vs fine grained, etc.)
• Change management strategy and policy (committee, roles, scenarios, within policy vs outside of policy changes, etc.)
• Configuration strategy and standards (enterprise safe vs external client centric design, etc.)
• Key reporting requirements (fields used for reporting, required fields, descriptions, etc.)
• Company usage guidance (scrum masters, release train engineers, departments, programs, lines of business, portfolios, projects within a single team or organization vs projects spanning multiple teams or multiple organizations, etc.)
• Best practices (your company’s specific best practices which may be different than another company’s best practices depending on your company’s specific implementation and configurations)

Your company will use the governance policies as the basis for your processes and procedures forming the governance of your Atlassian tools ecosystem, which may be owned by one or more teams depending on the size of your company. Smaller companies may have a single team managing the administration of the entire ecosystem Larger organizations may have multiple teams splitting the management of the ecosystem (which may include a large number of tools like Jira, Jira Align, Bitbucket, GitHub, QTest, Structure, easyBI, Leo, and any number of other applications, addons, connectors, and more).

The Governance Committee

Governance documents are created, owned, and managed by the Atlassian Tools Ecosystem Governance Committee, often referred to as The Committee or The Board. Due to the cascading impact that changes in one system, tool, or application will have on other tools in the ecosystem, the Committee is typically responsible for the overall health and management of the entire ecosystem.

If you do not already have an admin team or governance committee feel free to reach out to us here at Cprime.

Next in This Series

In Part 2 of this series we will take a closer look at the committee, its member roles and their respective responsibilities.

Lisa Barton