# Azure Resource Governance
The purpose of this documentation is to provide security and governance guidelines for resources hosted in Ability Azure Enrollment. This documentation is based on the Global IS Security Policies and Standards.
# Scope
In the scope of this documentation are all software resources used under Ability Azure Enrolment. It covers standards and governance models for resources built on ABB policies. It does not include the implemented security controls based on Azure Security Center. You can ask for them by sending us an email.
The following table shows which businesses' resources security controls and governance model has been implemented. It also contains primary contact details for these areas.
| Business Area/Scope | Abbreviation | Reporting | Security Controls & Governance | Contact |
|---|---|---|---|---|
| Global Operations Security | N/A | N/A | N/A | abb-ability-operations@abb.com |
| Ability Internal Resources | Digital | Yes | Yes | inmadig@in.abb.com |
| Robotics Business Area | RA | Yes | Yes | maintenance.robotics@us.abb.com |
| EL Business Area | EL | Yes | No | maintenance.electrification@in.abb.com |
| Process Automation Business Area | IA | Yes | No | N/A |
| Motion Business Area | MO | Yes | No | N/A |
# Definitions and terms
Here is a small list of the definitions and terms that are used in the documentation:
| Term | Definition |
|---|---|
| Resource | Any software or hardware component/element used by team members to implement, test and provide a given solution |
| Owner | A person who manages target resources (usually the creator of that resource or the person who requested its creation), and who is responsible for maintaining those resources and their lifecycle |
| External Account | An account which is not part of the ABB domain |
| Platform | The ABB Ability Platform product which consists of many resources |
# Resource Classification
The resources used in this documentation are classified based on their purpose:
| Classification Type | Definition |
|---|---|
| Temp | A resource or environment used by the internal team for any purpose, but only for a short period of time (max. 1 month) |
| Playground | A resource or environment used by the internal team for research/spike/poc purposes |
| Development | A resource or environment used by the internal team for implementation purposes |
| Test | A resource or environment used by the internal team for testing purposes |
| Stage (Pre-Production) | A resource or environment delivered to the client for their testing purposes |
| Production | A resource or environment delivered to the client for their production purposes |
# Content
| Section | Description |
|---|---|
| Security and Governance Standards | General security and governance standards information |
| Azure Security Controls and Lifecycle | Security controls and lifecycle management for Azure resources |
| Azure DevOps Standards | Security controls and lifecycle management for Azure DevOps resources (Ability Internal) |
| Ability Azure Inventory (AAI) | Application which supports assets management and security controls implementation |