Governance
Enterprise-grade governance with policy management, multi-stage approval workflows, environment promotion controls, and comprehensive audit logging.
Overview
Governance in Strongly provides:
- Policy Management: Define and enforce compliance policies
- Multi-Stage Workflows: Create approval workflows with custom stages
- Environment Promotion: Control resource promotion between environments
- Solutions: Group related components for unified governance
- Audit Logging: Comprehensive audit trail for compliance
How to Apply Policies to Resources
Creating a Policy Instance
- Navigate to resource (Application, Workflow, Model, etc.)
- Click Governance tab
- Click Apply Policy
- Select policy from dropdown (filtered by applicable resource type)
- Policy instance is created with status: "Not Started"
Completing Policy Stages
- Open policy instance from Governance dashboard
- Complete each stage in order:
- Fill out all required fields
- Upload any required files or artifacts
- Submit stage for approval
- Validators receive notification and can:
- Approve: Stage moves to next validator or completes
- Deny: Stage is rejected, requestor must revise
- Conditional Approval: Approve with conditions that must be met
- Once all stages complete, policy status becomes "Completed"
Solutions: Grouping Components
Solutions allow you to group related platform components (apps, workflows, data sources, models) for unified governance and compliance tracking.
How to Create a Solution
- Go to Governance → Solutions
- Click Create Solution
- Enter solution details:
- Name and Description
- Business Context: Purpose, criticality (Critical/High/Medium/Low), data classification, regulatory scope
- Ownership: Business owner, technical owner, team, cost center
- Compose solution using one of three methods:
- Explicit Selection: Manually select specific apps, workflows, data sources, models by ID
- Tag-Based Selection: Include/exclude components by tags (dynamic composition)
- Query-Based Selection: Use MongoDB queries to filter components
- Set lifecycle:
- Permanent: Always active
- Temporal: Valid for specific date range
- Event-Driven: Activated by trigger condition
- Choose evaluation mode:
- Dynamic: Solution components update in real-time as resources change
- Snapshot: Solution is frozen at creation time (for audits, releases)
- Click Create Solution
Environment Promotion Controls
How to Promote Resources
Promote applications, workflows, or models from Development → Staging → Production with policy enforcement:
- Open resource in Development or Staging environment
- Click Promote button
- Select target environment
- System checks compliance status:
- All applicable policies must be completed
- No critical violations can exist
- Required approvals must be obtained
- If compliant: Promotion proceeds automatically
- If non-compliant: Blocking issues are listed, promotion is denied
- Admins can override with justification (logged in audit trail)
Viewing Audit Logs
How to Access Audit Trail
- Go to Governance → Audit Logs
- Filter by:
- Entity Type: Policy, Policy Instance, Promotion, Override
- Action: Created, Updated, Approved, Denied, Overridden
- User: Who performed the action
- Date Range: When action occurred
- Each log entry includes:
- Previous state and new state (full change diff)
- User ID, name, IP address, user agent
- Timestamp and reason (if provided)
- Export logs for compliance reporting (CSV, JSON)
Governance Dashboard Metrics
Monitor compliance health from the Governance dashboard:
Key Metrics
- Total active policies
- Total policy instances
- Pending approvals (requiring your action)
- Compliance rate (% of resources with completed policies)
- Average time to compliance (hours)
Violation Tracking
- Violations by category (Security, Compliance, Quality, Operational)
- Top violated policies
- Critical violations requiring immediate attention
- Trends over time (improving or worsening)
Best Practice
Apply policies early in development. Enforce strict policies in Production, use warnings in Development to catch issues before promotion.