Skip to content
Big Picture

Governance Overview

Big Picture provides governance features that enable organizations to operate at scale, maintain compliance, and prepare for audits. These features support administrators, security teams, and platform owners who need to control access, enforce policies, and demonstrate compliance.

Governance Capabilities

Section titled “Governance Capabilities”

Access Control

Section titled “Access Control”

Role-based access control (RBAC) restricts who can perform administrative actions. Permissions are scoped to tenants, products, or global operations. This ensures that only authorized personnel can modify policies, approve releases, or access sensitive data.

See Role-Based Access Control for configuration details.

Approval Workflows

Section titled “Approval Workflows”

Approval workflows require releases to be reviewed and approved before distribution. Workflows can require single or multiple approvers, expire after a set period, or auto-approve under specific conditions. All approval decisions are recorded in audit logs.

See Approval Workflows for setup and management.

Audit Readiness

Section titled “Audit Readiness”

Big Picture maintains append-only audit logs that record all administrative actions, policy changes, and release operations. Audit logs include timestamps, actors, and full context for each event. This supports compliance requirements and enables forensic analysis.

See Audit Readiness for preparing your instance for audits.

Compliance Reporting

Section titled “Compliance Reporting”

Compliance reports demonstrate adherence to policies and license terms. Reports can cover license usage, policy compliance, release approvals, and access patterns. Reports are exportable and verifiable through audit logs.

See Compliance Reporting for generating reports.

Operational Best Practices

Section titled “Operational Best Practices”

Operational best practices cover security, monitoring, backup, and incident response. These practices help organizations operate Big Picture safely and reliably at scale.

See Operational Best Practices for guidance.

When Governance Matters

Section titled “When Governance Matters”

Governance features are essential when:

  • Multiple teams or departments need controlled access to Big Picture
  • Releases must be approved before distribution
  • Compliance requirements mandate audit trails
  • License audits require accurate usage reporting
  • Security policies require access restrictions
  • Regulated environments need strict operational controls

Governance vs. Workflows

Section titled “Governance vs. Workflows”

Governance focuses on control and compliance:

  • Who can perform actions (RBAC)
  • What requires approval (approval workflows)
  • How to demonstrate compliance (audit readiness, reporting)
  • How to operate safely (best practices)

Workflows focus on day-to-day operations:

  • Creating releases
  • Managing versions
  • Distributing artifacts
  • Tracking license usage

Governance features enable workflows to operate safely and compliantly.

Section titled “Related Documentation”
  • Workflows — Day-to-day operational procedures
  • Concepts — Core principles and architecture
  • Reference — API and configuration details