What is governance

Governance is the set of rules and processes in place at a company that make it possible to steer the company towards its goals while ensuring compliance with the law, as well as management of risk.

In relation to automation, governance means ensuring that automated processes are safe and reliable, that they follow corporate guidelines and do not pose a risk to the company. Automation software often comes with governance features that make it easier to ensure compliance with governance policies for automated processes.

A compliant automated process should consider the following aspects:


The most important governance aspect of an automated process is its reliability. This means that the process can be relied upon to work in the vast majority of cases. This involves:

  • Service Level Agreements (SLAs) for all involved components
  • Performance


In case a process doesn’t work, monitoring and notifications need to be in place as well as a defined path of escalation.

Failover and rollback

Failover means that there is a backup system in place that can take over in case the primary system fails. Rollback means that there is an automated routine in place that makes sure that all involved systems are reset to their initial state in case an automated process fails. Both are automated failsafes that make sure that the impact of a failing process is minimised.


Documentation of the process itself is an important aspect of governance since it makes it possible to audit the process, and it makes the process accessible and part of a company’s documented knowledge. Good documentation should:

  • Describe the process itself, what it does and which systems are involved
  • Describe the importance of the process, e.g. its impact on business if it fails
  • State what should be done in case the process fails, e.g. in order to repair it and/or to minimise the impact of its failing

Correctness / Quality

Ensuring that the process does what it should do in all possible cases. This often involves considering how to handle edge cases. It also involves defining a set of quality criteria that should be followed when automating a process. This can be rules like forbidding hard-coded variables, always setting sensible limits, ensuring there are sensible defaults, validating input data and checking automations for any assumptions that can be untrue. The outcome should be an automation that always behaves as expected.

Access control and data security

Making sure that only people who are required to have access have access to both the process itself – e.g. being able to edit it – as well as to the data that is being processed.

How Cloudomation Engine supports governance

Cloudomation has several features that support developing high-quality, compliant automations. Read here for documentation on Cloudomation’s governance features.