Security Governance Framework for Low-code/No-code Development

No-code/Low-code puts new technology in the hands of every person in an organization.

Unfortunately, many of these employees are not tech savvy and lack security training and awareness. In this document, we describe a recommended security governance framework for low-code/no-code (LCNC) applications and automations, such as those developed on Microsoft Power Platform.

The framework covers:

  • Asset 1 Governance practices and processes
  • Asset 1 Risk assessment
  • Asset 1 Threat protection
  • Asset 1 Risk assessment
  • Asset 1 Roles and responsibilities
  • Asset 1 Framework implementation