Improve IT Governance with AWS (Part 1)

If you would like to read the next part in this article series please go to Improve IT Governance with AWS (Part 2).

AWS offers complete solutions that are compatible and that expand each other’s features. To assist in the complex, yet fundamental, governance strategy, AWS have proposed a number of security and governance features. Utilising these features can assist organisations in achieving the most from the comprehensive AWS environment and ably achieve governance objectives.


Governance is an area which is often misinterpreted by many to convey a broad range of descriptions or explanations misleadingly because of the intricacies of the practice. In a nutshell, IT Governance comes down to the IT resources, IT security and Performance procedures that ultimately add value to the organisation. Differing from compliance in that compliance is a result of good governance, which in turn creates value for the organisation.

Where compliance aims to minimise risk, governance, on the other hand, manages the risk. For value to be achieved, management of risk rather than risk mitigation is key.

It’s becoming exceedingly important for organisations to achieve their business objectives with greater consistency, efficiency and effectiveness. IT resources are increasingly moving to the cloud or being procured from the cloud and many organisations are successfully computing in this manner, realising the increased benefits of cloud compute. Governance solutions need be no different.

AWS have successfully proposed an array of cloud solutions, which multiple organisations globally utilise. The AWS governance features should prove beneficial when used alongside these AWS solutions.

On premise vs. AWS governance (cloud-based)

The prospect is that anything hosted on premise can now be offered in the cloud with the increased cloud attainable benefits. Governance can also be accomplished via the cloud as seen with the AWS governance solutions. A key concern must be that governance that previously applied on premise is now not applying in the cloud.

Utilising a cloud-based governance approach rather than the alternate on premise solutions should assist in alleviating the cost and complexity of this critical implementation and achieving the much-needed value from IT resources and practices that good governance assures.

Organisations are very aware these days of the challenges and costs involved to meet and maintain the stringent regulations put forward to address the security and governance measures required by law. A substantial portion, up to three quarters, of IT budget goes toward managing these on premise infrastructure complexities. This is where the cloud AWS governance (cloud-based) approach proves valuable.

AWS offer an array of governance features to implement, according to your specific requirements. This may be the solution to many organisations on-premise governance challenges, and may help to realign the costs. AWS governance can reduce cost by up to 80% compared to on-premise alternatives.

On Premise governance procedures for performance management can be complex. To achieve a good level of performance management it’s necessary to adopt numerous monitoring systems, processes and tools to cover all layers of IT resources. The process is convoluted and the outcome often has a negative impact on performance.

Threats are ever-changing and so much more sophisticated these days. On premise monitoring, detection and response to these security threats is more arduous to successfully achieve. To achieve success via on premise means requires continuous adaption of processes used and a lot of time, resources and the correct skill set. With AWS governance, performance management features, this is achieved with such ease and is effective as well.

Disaster recovery and data protection are both very important to get right, organisations need to be resilient. This is challenging at best to achieve through on premise strategies, as the amount of data continues to accumulate. Planning, testing and running failover sites on premise are costly and complex when undertaken correctly. AWS governance, cloud-based, achieves resiliency while being more cost effective.

As with cloud computing in all other areas, governance implemented in the cloud offers an array of benefits to the organisation. Cloud-based governance allows for reduced costs, simpler operations and increased agility.

Three Fundamental governance areas and the AWS governance features to address them

The AWS governance features covers the range of fundamental governance areas. The tricky part being identifying which of the features you require and thus which features to implement in order to achieve the intended results.

So what does the AWS governance feature set cover?

  • The management of IT resources,
  • The management of IT performance
  • The management of IT security

Management of IT resources

Before you can properly manage your resources it’s imperative that you know which IT resources you have and consequently need to manage. An inventory is crucial; it should cover all the hardware and software assets deployed. The inventory should be accurate and kept up to date. Not only is this necessary from a management perspective but also necessary to ensure security, compliance and for on-demand reporting (also a compliance necessity).

It is challenging to accurately keep track of on-premise resources even if utilising an automation tool. Thus the cloud alternative, AWS Governance, proves beneficial in this regard.

AWS governance features allow simple and accurate inventory of your AWS IT resources and cost reductions are realised through better management of them. They effectively achieve IT asset management and control the costs.

AWS governance features available to manage IT resources

AWS Feature

What it aims to accomplish

Account Activity page Accurate listing of IT resource showing utilisation of services and region used
Amazon Glacier vault inventory Inventory of IT resources in Glacier
AWS CloudHSM Virtual and physical control of encryption keys
AWS Data Pipeline Task Runner
AWS Management Console A comprehensive view of all IT assets and data of all resources running in AWS by service
AWS Storage Gateway APIs Ability to programmatically inventory assets and data

Table 1

AWS governance features available to manage IT resource Costs

AWS Feature

What it aims to accomplish

Account Activity page Current view of IT resource spending and spending linked to services being utilised
Amazon EC2 idempotency instance launch Helps prevent inaccurate launching of resources and additional occurred costs
Amazon EC2 resource tagging Links resource expenditures and business units by applying searchable labels to resources.
AWS Account Billing Billing features assists with monitoring and bill payment
AWS Management Console A comprehensive view of all IT resources running in AWS by service (costs and run rate)
AWS service pricing AWS IT resource rate –defined pricing for each AWS product.
AWS Trusted Advisor Optimises cost of IT resources by identifying unused resources
Billing Alarms Alerts on IT resource spend by sending notifications of spending activity.
Consolidated billing Allows for cost control and cross-account cost visibility by combining multiple AWS accounts into one bill.
Pay-as-you-go pricing Computing resources and services at pay-as-you-go pricing with no up-front purchase costs or maintenance costs. Allows for automatic scaling.

Table 2

Management of IT performance

Managing performance aids in the early detection of any concerns that otherwise may lead to complications with security and performance and allow for the opportunity of rectification.

The AWS governance features for managing IT performance ensures organisations can successfully overcome the performance management challenges around infrastructure procurement, scalability and testing across multiple environments, to name a few. AWS governance features assure good monitoring and reaction to events.

A further area that should be part of performance management is achieving resiliency; this incorporates processes for data protection and disaster recovery. AWS features assist in this regard too.

AWS governance features available to manage IT performance-monitor and manage resources

AWS Feature

What it aims to accomplish

Amazon Cloudwatch Provides the statistical data needed for analysis and to set alarms
Amazon Cloudwatch alarms Alarms and notification for events
Amazon EC2 instance status Automated checks for activities
Amazon instant management team Incident detection, monitoring and management and 24hour support, everyday throughout the year
Amazon S3 TCP selective acknowledgement Improves recovery time
Amazon simple notification service Manages message delivery for notification of critical incidents
AWS elastic beanstalk Monitoring of application deployment elements
Elastic load balancing Automatic distribution of incoming applications traffic over multiple Amazon EC2 instances

Table 3

AWS governance features available to manage IT performance- resiliency

AWS Feature

What it aims to accomplish

Amazon EBS snapshots Storage volumes for backup, improved availability and reliability
Amazon RDS Multi-AZ Deployments Automated availability control to secure data
Amazon Import/Export Import and export data in large volumes
Amazon Storage Gateway Integrations between on premise infrastructure and AWS storage
AWS Trusted Adviser Automated performance management and availability control
Multi-region deployment Supports variety of locations
Route 53 health checks and DNS failover Monitors availability of stored backup data
Managed AWS database services (no-SQL/SQL) Secure and resilient data storage, replicating over numerous zones

Table 4


There’s no question that Governance is fundamental for organisations to reach the goals they’ve set out to obtain, for both business value and compliance reasons. It’s becoming increasingly perplexing to achieve effective IT governance in the rapid developing and multifaceted IT environment. Amazon has simplified the approach to governance by considering each AWS service and aligning the necessary governance feature sets for each service offered. Look out for part two in this series where we will continue to look at the AWS governance features.

If you would like to read the next part in this article series please go to Improve IT Governance with AWS (Part 2).

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top