Skip to main content
Skip table of contents

Governance, Policy and Risk

Cloudaware FinOps introduces financial data and business context on top of technical usage. Data governance ensures that this information is handled in line with your organization’s security, privacy, and compliance requirements. This guide outlines considerations for data scope, access controls, retention, and change management to support reliable and well-governed cost reporting.

Data Classification and Scope

Start by classifying data:

  • Treat detailed cost, discount, and margin information as sensitive financial data.

  • Recognize that allocation metadata (BUs, cost centers, customers, projects) can reveal commercially sensitive relationships.

  • Consider whether any cost views include regulated data (for example, customer identifiers that fall under privacy rules).

Use your existing data classification scheme (for example, Public/Internal/Confidential/Restricted) and apply it to Cloudaware CMDB objects and reports and dashboards built on them.

Access Controls

Combine classification with RBAC:

  • Limit broad access to detailed billing objects; prefer summarized dashboards and statements for wide audiences.

  • Use field‑level security to protect sensitive attributes such as discounts, list vs. effective rates, and reseller margins.

  • Apply row‑level filters or sharing rules to restrict customer‑specific or BU‑specific data to authorized users only.

Typical Control Stack in Cloudaware

  • Record-level access: can this role see only rows for their BU/customer/project.

  • Field-level security: can this role see discount, margin, list rate, effective rate.

  • Object-level permissions: can this role read billing objects at all.

  • Report/dashboard access: can they run or export reports built on those datasets.

  • API access: can integrations or users query the same data outside the UI.

Retention and Archiving

Decide how long to retain:

  • Billing line items and cost datasets.

  • Aggregated cost tables used for reporting and KPIs.

  • Showback/chargeback statements and related records.

Consider:

  • Regulatory requirements for financial record retention.

  • How far back you need data for trend analysis and forecasting.

  • Storage and performance implications of long storage periods.

Where necessary, offload older detailed data to archives or data warehouses while keeping summarized financial views in Cloudaware for ongoing analysis.

Change Management and Documentation

Because FinOps influences financial views:

  • Document allocation rules, shared‑cost models, and showback/chargeback designs.

  • Record when significant changes are made and why (for example, new BU structure, revised shared‑cost policy).

  • Communicate changes to stakeholders ahead of billing cycles so they understand potential impacts on dashboards and statements.

Use internal runbooks or wikis to keep this documentation discoverable for FinOps, finance, and audit teams.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close