治理或合規性策略Governance or compliance strategy

當整個遷移工作需要治理或合規性時,您需要放寬範圍,以考慮這些需求。When governance or compliance is required throughout a migration effort, you need to broaden your scope to account for these requirements. 下列指導方針將擴充 Azure 遷移指南 的範圍,以解決管理治理或合規性需求的不同方法。The following guidance expands the scope of the Azure migration guide to address different approaches to addressing governance or compliance requirements.

一般範圍擴充General scope expansion

當需要治理或合規性時,必要條件活動所受到的影響最大。Prerequisite activities are affected the most when governance or compliance are required. 在評量、遷移和優化期間,也可能需要進行其他調整。Additional adjustments can also be required during assessment, migration, and optimization.

建議的必要條件Suggested prerequisites

當您要整合治理或合規性需求時,基底 Azure 環境的設定可能會大幅改變。Configuration of the base Azure environment can change significantly when you're integrating governance or compliance requirements. 若要了解必要條件的變更情形,請務必了解需求的本質。To understand how prerequisites change, it's important to understand the nature of the requirements. 在開始進行任何需要治理或合規性的遷移之前,您應該選擇並在雲端環境中執行一種方法。Prior to beginning any migration that requires governance or compliance, you should choose and implement an approach in the cloud environment. 以下是一些在移轉期間經常會看到的高階方法:The following are a few high-level approaches commonly seen during migrations:

常見的治理方法: 對於大部分的組織而言, 雲端採用架構治理模型 是一種足夠的方法。Common governance approach: For most organizations, the Cloud Adoption Framework governance model is a sufficient approach. 它是由 (MVP) 實行的最小可行產品所組成,後面接著治理成熟度的目標反復專案,以解決採用計畫中所識別的有形風險。It consists of a minimum viable product (MVP) implementation, followed by targeted iterations of governance maturity to address tangible risks identified in the adoption plan. 此方法會提供建立一致性治理所需的最低限度工具,因此小組能夠了解這些工具。This approach provides the minimum tooling needed to establish consistent governance, so the team can understand the tools. 接著,此方法會詳述這些用來解決常見治理顧慮的工具。It then expands on those tools to address common governance concerns.

國際標準組織 (ISO) 27001 合規性藍圖: 如果您的組織需要遵守 ISO 合規性標準, iso 27001 共用服務藍圖範例 可以成為更有效的 MVP。International Organization for Standardization (ISO) 27001 compliance blueprints: If your organization is required to adhere to ISO compliance standards, the ISO 27001 Shared Services blueprint samples can serve as a more effective MVP. 藍圖可以產生更豐富的治理條件約束,稍早在反復的流程中。The blueprint can produce richer governance constraints, earlier in the iterative process. Iso 27001 App Service 環境/SQL Database 工作負載藍圖範例會擴充 Iso 27001 共用服務藍圖,以對應控制項並部署應用程式環境的通用架構。The ISO 27001 App Service Environment/SQL Database workload blueprint sample expands on the ISO 27001 Shared Services blueprint, to map controls and deploy a common architecture for an application environment.

雲端採用架構企業規模登陸區域: 您可能需要更健全的治理起點。Cloud Adoption Framework enterprise-scale landing zone: You might require a more robust governance starting point. 如果有,請考慮採用 雲端採用架構的企業規模登陸區域If so, consider the Cloud Adoption Framework enterprise-scale landing zone. 雲端採用架構的企業規模登陸區域方法著重于在24個月內擁有長期目標 (的採用小組) 裝載超過1000的資產 (應用程式、基礎結構或資料資產) 在雲端中。The Cloud Adoption Framework enterprise-scale landing zone approach focuses on adoption teams who have a mid-term objective (within 24 months) to host more than 1,000 assets (applications, infrastructure, or data assets) in the cloud. 雲端採用架構企業規模登陸區域是針對這些大型雲端採用工作的複雜治理案例的選擇。The Cloud Adoption Framework enterprise-scale landing zone is the de facto choice for complex governance scenarios for these larger cloud adoption efforts.

可供完成必要條件的合作關係選項Partnership option to complete prerequisites

Microsoft 服務: Microsoft 服務提供的解決方案供應專案可符合雲端採用架構治理模型、合規性藍圖或雲端採用架構的企業規模登陸區域選項。Microsoft Services: Microsoft Services provides solution offerings that can align to the Cloud Adoption Framework governance model, compliance blueprints, or Cloud Adoption Framework enterprise-scale landing zone options. 此選項可協助您確保使用的是最適當的治理或合規性模型。This option helps you to ensure that you're using the most appropriate governance or compliance model. 使用 安全的雲端深入 解析解決方案,為 Azure 中的客戶部署建立資料驅動的圖片。Use the Secure Cloud Insights solution to establish a data-driven picture of a customer deployment in Azure. 此解決方案也會驗證客戶́s Azure 實現成熟度,同時識別現有部署架構的優化。This solution also validates the customer´s Azure implementation maturity while identifying optimization of existing deployment architectures. 安全的 Cloud Insights 也可協助您降低與治理安全性和可用性有關的風險。Secure Cloud Insights also helps you reduce risk pertaining to governance security and availability. 根據客戶深入解析,您應該從下列方法開始:Based on customer insights, you should lead with the following approaches:

  • 雲端基礎: 使用 混合式雲端基礎 解決方案,建立客戶的核心 Azure 設計、模式和治理架構。Cloud foundation: Establish the customer's core Azure designs, patterns, and governance architecture with the hybrid cloud foundation solution. 將客戶的需求對應至最適當的參考架構。Map the customer's requirements to the most appropriate reference architecture. 實行包含共用服務和 IaaS 工作負載的最小可行產品。Implement a minimum viable product consisting of shared services and IaaS workloads.
  • 雲端現代化: 使用 雲端現代化 解決方案作為將應用程式、資料和基礎結構移至符合企業需求之雲端的全方位方法。Cloud modernization: Use the cloud modernization solution as a comprehensive approach to move applications, data, and infrastructure to an enterprise-ready cloud. 您也可以在雲端部署之後優化和現代化。You can also optimize and modernize after cloud deployment.
  • 使用雲端創新: 透過 雲端卓越的雲端中心 (CCoE) 解決方案來與客戶互動。Innovate with cloud: Engage the customer through the cloud center of excellence (CCoE) solution. 它會實行敏捷式方法來捕捉商務需求,並重複使用與安全性、合規性和服務管理原則一致的部署套件。It implements an agile approach to capture business requirements, and to reuse deployment packages aligned with security, compliance, and service management policies. 它也會維護 Azure 平臺與操作程式的對齊。It also maintains the alignment of the Azure platform with operational procedures.

評定程序變更Assess process changes

在評估期間,您必須進行額外的決策,以配合所需的治理方法。During assessment, you must make additional decisions to align to the required governance approach. 雲端治理小組會在評估工作負載之前,為雲端採用小組的所有成員提供任何原則聲明、架構指引或治理或合規性需求。The cloud governance team provides all members of the cloud adoption team with any policy statements, architectural guidance, or governance or compliance requirements prior to the assessment of a workload.

評估過程中的建議動作Suggested action during the assessment process

治理和合規性評估需求是極度專屬於客戶的,因此無法針對評估期間所採取的實際步驟提供一般性的指引。Governance and compliance assessment requirements are too customer-specific to provide general guidance on the actual steps taken during assessment. 此流程應該包含符合合規性和治理需求的工作和時間。The process should include tasks and time for aligning to compliance and governance requirements.

若要深入瞭解治理,請閱讀 雲端治理專業領域的總覽。For a deeper understanding of governance, read the overview of the Disciplines of Cloud Governance. 雲端採用架構的這一節包含範本,可記錄以下各節的原則、指引和需求:This section of the Cloud Adoption Framework includes templates to document the policies, guidance, and requirements for each of the following sections:

如需根據雲端採用架構治理模型開發治理指導方針的詳細資訊,請參閱 實施雲端治理策略For information about developing governance guidance based on the Cloud Adoption Framework governance model, see Implement a cloud governance strategy.

將程序變更最佳化並升階Optimize and promote process changes

在優化和升階程式進行期間,雲端治理小組應投入時間來測試及驗證遵循治理和合規性標準。During the optimization and promotion processes, the cloud governance team should invest time to test and validate adherence to governance and compliance standards. 此外,此步驟是讓雲端治理小組策展範本的好時機,以提供未來專案的其他指導方針,特別是在部署加速專業領域中。Additionally, this step is a good time for the cloud governance team to curate templates that provide additional guidance for future projects, particularly in the Deployment Acceleration discipline.

最佳化和升階程序期間的建議動作Suggested action during the optimize and promote process

在此過程中,專案計劃應該包含雲端治理小組針對生產升級規劃的每個工作負載執行合規性審查的時間配置。During this process, the project plan should include time allocations for the cloud governance team to execute a compliance review, for each workload planned for production promotion.

下一步Next steps

返回檢查清單,以重新評估遷移工作的任何其他範圍需求。Return to the checklist to reevaluate any additional scope requirements for the migration effort.