Want a more in-depth, visual Cloud Governance breakdown? Register for our free virtual lab “Cloud Governance: Enforced Site & Team Recertification” today! 


AvePoint’s Cloud Governance tool has many features that enable organizations to control and monitor the use of Office 365. This includes controlling actions like who can provision collaboration spaces such as Microsoft Teams, Office 365 Groups and SharePoint Sites. It also allows organizations to determine who can change permissions and grant access to content, who can move content from place to place, who can change settings, and what settings they can change.

When users create collaboration spaces those spaces are automatically controlled by policies that:

  • Control access to settings
  • Control access to content
  • Enforce naming conventions
  • Add properties
  • Enforce lifecycle management

By enabling end users to have direct access to automated provisioning controlled by these policies, Cloud Governance is able to deliver a massive reduction of burden on IT teams large and small. One of the most valuable aspects to cloud governance, though, is its ability to provide insights, monitoring and reporting into all the actions and administration over the collaboration that is taking place in Office 365.

Having trouble with governing effectively in the cloud? This post might help: Click To Tweet

Site Recertification is a Cloud Governance feature that can be enabled on controlled sites that are provisioned by end users.  Once a site is provisioned, Cloud Governance site recertification will (if enabled) send reports on who the primary contacts are, who the administrators and owners are, and what all the permissions granted to collaboration spaces in Office 365 are.

Once the business stakeholder, IT team, security team or any designated member of an organization receives the recertification report, they can easily view who owns collaborations spaces, who has administrative rights, and who can access the content within those spaces in Office 365.

This image has an empty alt attribute; its file name is concept-of-having-a-break-at-work-concentrated-calm-peaceful-serious-picture-id924364948-1024x683.jpg

Many reports can be created according to different properties or policies applied to sites and distributed to appropriate team members for review. The reports can be set at intervals which can vary depending on any number of criteria preset by the organization. These include:

  • Who provisioned the Team, Group, or SharePoint site
  • What department they’re in
  • What their role is within the organization
  • Any other custom dynamic properties set as policy

Blog Post: Top 10 Considerations for Microsoft Teams Governance


Once the report is received the company can force a review, requiring the designated reviewer to approve the current roles and access, make changes, or simply lock down the collaboration space right from within the report. If desired, an organization can even make it so that if a recertification report is not reviewed within a set period of time, any applicable collaboration spaces will be locked down.

Recertification enables organizations to automate and enforce administrative security reviews simply and reliably. It ultimately comes down to a quick and simple GUI task that can be distributed to the appropriate reviewers according to their needs, no matter how varied those needs may be.


Want more governance content from industry experts? Be sure to subscribe to our blog!