# Automate and streamline governance
To start working toward reducing sprawl at your organization, we recommend the following actions:
* **Connect Data**: [Ingest data and ensure ownership](#step-1-ingest-data-and-solve-ownership) is assigned to your entities
* **Standardize**:
* [Take inventory of the standards](#step-1-narrow-down-priorities) you've been measuring across spreadsheets and wikis. Consolidate your rules and rule categories.
* Use the narrowed-down categories to determine your first [Scorecards](#step-3-configure-scorecards) to configure.
* **Streamline**: [Automate workflows](#step-4-automate-processes-via-workflows) such as service creation or migration, ensuring best practices are followed from the start.
* **Improve**: [Review Scorecard progress in reports](#step-5-drive-continuous-improvement) and take action when issues are identified.
## Use Cortex features to unify governance
Expand the tiles below to learn about using Cortex features to reduce sprawl and unify governance at your organization.
Step 1: Narrow down priorities :merge:
{% hint style="success" %}
**Action items:**
* **Review and consolidate your existing standards**
* **Consolidate the overall categories you measure**
{% endhint %}
Before getting started with connecting your data in Cortex, you may need to work across your engineering teams to understand your currently-identified standards.
As an internal exercise, work with your teams to gather a list of all your current engineering standards. Review the list to consolidate redundant requirements, remove unnecessary standards, and narrow down the categories you want to focus on (such as operational efficiency, incident management, etc.).
#### Step 1.1: Consolidate existing standards
Review your organization's existing standards that you currently track in spreadsheets or other locations. Check for overlapping standards, or requirements that don't serve a helpful purpose.
For example, a team might have a legacy requirement that a repo has at least one commit every 3 weeks. Looking further into the requirement, it appears that engineers have been making a whitespace edit on the repo's README every 3 weeks. In this case, the requirement is not enforcing excellence; you might decide to ignore that requirement moving forward.
#### Step 1.2: Consolidate your standards categories
With the remaining rules, start narrowing down the overall categories. The things you want to continue measuring — like DORA metrics, Production Readiness, Risk Management, and more — will become your Scorecards in Cortex. Some categories may be closely related and can be consolidated.
In the [example from Cortex customer Skyscanner,](/solutions/unify-governance.md#example-skyscanners-engineering-excellence-framework) they started out with 200 markdown files containing various engineering team standards. They narrowed them down to 15 general categories (such as AI Governance, Operational Excellence, and DORA Metrics), then they reviewed the rules to ensure they were up to date and served a purpose.
Step 2: Ingest data and solve ownership 🔌
{% hint style="success" %}
**Action Items:**
* [**Import your data**](/ingesting-data-into-cortex/overview.md)
* [**Ensure ownership is set**](/ingesting-data-into-cortex/entities-overview/entities/ownership.md)
* [**Configure integrations**](/ingesting-data-into-cortex/integrations.md)
{% endhint %}
Before getting started on any use case, it is crucial to import your services, resources, infrastructure, and other entities, and to have clear visibility into the ownership of your entities.
Connecting your entities to Cortex establishes a single source of truth across your engineering organization. It enables the ability to track progress via Scorecards, automate Workflows, and gain insights from Eng Intelligence.
Setting ownership of entities ensures that every service and system is clearly linked to accountable teams or individuals, enabling faster incident response, reducing handoff friction, and making it possible to enforce standards consistently.
The more data you have available, the more actionable and insightful your Scorecards can be.
#### Relevant integrations
Cortex recommends integrating with tools that provide visibility and control over code, deployments, monitoring, on-call, and documentation. Make sure you have configured integrations for the following categories:
* **Version control**: [Azure DevOps](/ingesting-data-into-cortex/integrations/azuredevops.md), [Bitbucket](/ingesting-data-into-cortex/integrations/bitbucket.md), [GitHub](/ingesting-data-into-cortex/integrations/github.md), [GitLab](/ingesting-data-into-cortex/integrations/gitlab.md)
* Enforce best practices like peer reviews, CI/CD pipelines, and versioning
* **On-call**: [PagerDuty](/ingesting-data-into-cortex/integrations/pagerduty.md), [Opsgenie](/ingesting-data-into-cortex/integrations/opsgenie.md), [Splunk On-Call](/ingesting-data-into-cortex/integrations/splunk-oncall.md) (formerly VictorOps), [xMatters](/ingesting-data-into-cortex/integrations/xmatters.md)
* Track on-call responsibilities to confirm that support teams are always assigned
* **Project management**: [GitHub](/ingesting-data-into-cortex/integrations/github.md), [Jira](/ingesting-data-into-cortex/integrations/jira.md), [Azure DevOps](/ingesting-data-into-cortex/integrations/azuredevops.md), [ClickUp](/ingesting-data-into-cortex/integrations/clickup.md)
* Track incidents, bugs, and compliance issues
* **Code quality and security**: [Checkmarx](/ingesting-data-into-cortex/integrations/checkmarx.md), [Codecov](/ingesting-data-into-cortex/integrations/codecov.md), [Mend](/ingesting-data-into-cortex/integrations/mend.md), [Snyk](/ingesting-data-into-cortex/integrations/snyk.md), [SonarQube](/ingesting-data-into-cortex/integrations/sonarqube.md), [Veracode](/ingesting-data-into-cortex/integrations/veracode.md), [Wiz](/ingesting-data-into-cortex/integrations/wiz.md)
* Enforce code coverage, vulnerability scanning, and other quality measures
Cortex also recommends [linking to runbooks and documentation](/ingesting-data-into-cortex/entities-overview/entities/external-docs.md) for your entities, ensuring your users have access to critical information.
With your data in Cortex, you have a jumping-off point to start measuring the standards that matter most to your organization.
Step 3: Configure Scorecards 📋
{% hint style="success" %}
**Action Item:** [**Create Scorecards**](/standardize/scorecards/create.md) **for the standards you want to measure.**
{% endhint %}
Scorecards automate the process of checking whether services meet criteria such as ownership, on-call coverage, runbooks, monitoring, and security requirements.
Cortex's templates include predefined rules which can be customized based on your organization's requirements, infrastructure, and goals. Most of the templates are structured into three levels — Bronze, Silver, and Gold — with each representing increasing levels of maturity.
#### Step 3.1: Define clear levels to be used across all Scorecards
Before creating Scorecards in Cortex, consider using the same level names across all of your Scorecards that measure standards. This consistency enables leaders and engineers across different teams to understand the progress of any given Scorecard.
* In [the Skyscanner example](/solutions/unify-governance.md#example-skyscanners-engineering-excellence-framework), they named their levels "No level," "Baseline," "Mature," and "Advanced."
#### Step 3.2: Create Scorecards
Create a Scorecard for each of the categories your organization has decided to focus on. You can get started quickly with a prebuilt template. When you use Scorecard templates, you can customize rules and level names.
Cortex has templates for common engineering use cases, such as Production Readiness, AI Governance, Security, DORA Operational Readiness, Incident Preparedness, Code Quality, and more.
1. On the [**Scorecards** page](https://app.getcortexapp.com/admin/scorecards) in your workspace, click **Create Scorecard**.
2. On the template you want to use, click **Use**.
3. Configure basic settings, including the Scorecard's name, unique identifier, description, and more.
1. Learn about configuring the basic settings in the [Creating a Scorecard documentation](/standardize/scorecards/create.md).
4. Repeat this process for each Scorecard you want to launch.
As entities are evaluated against Scorecard rules, engineers will see tasks appear on their [engineering homepage](/streamline/homepage.md) for the entities they own.
Step 4: Automate processes via Workflows ⚙️
{% hint style="success" %}
**Action item:** [**Configure Workflows**](/streamline/workflows.md)
{% endhint %}
You can use Workflows to streamline and standardize engineering processes by turning best practices and readiness checks into repeatable, self-service automations.
#### Workflows to establish adherence to best practices
* You can add manual approval steps in a Workflow to require sign-off from specific team members before a service is considered production-ready, ensuring accountability and providing an audit trail.
* See the documentation on [configuring a Manual approval block](/streamline/workflows/blocks.md#manual-approval).
* When Scaffolding new services, you can use templates to ensure that every new service starts with baseline standards (e.g., on-call information, runbooks, SLOs configured, and more).
* See the documentation on [registering a Scaffolder template](/streamline/workflows/scaffolder.md) and [configuring a Scaffolder block](/streamline/workflows/blocks.md#scaffolder).
#### Workflows based on Scorecard progress
In a Workflow, you can use an HTTP request to get an individual entity's score or the latest scores for all entities on a given Scorecard, then configure additional steps to take actions based on the score.
For example, you could create a Workflow that blocks deployment based on Scorecard scores, ensuring that a deployment is blocked if the entity has not met your standards.
* See an example of this Workflow in the template "Deploy to prod based on Scorecard score" in your Cortex workspace:
* When the Workflow runs, it checks whether the entity has achieved the "Gold" level standard in the Scorecard. If it has, the deployment continues. If it has not, the Workflow automatically sends a Slack message to notify the entity owner.
* The template is prebuilt to point at a Production Readiness Scorecard, but can be modified to point to any Scorecard.
Step 5: Drive continuous improvement 📈
{% hint style="success" %}
**Action Item:** [**Review Eng Intelligence metrics**](/improve/eng-intelligence.md) **and** [**reports**](/improve/reports.md)
{% endhint %}
Review [reports](/improve/reports.md) for visibility into Scorecard progress, compliance, and blockers. The [Bird's Eye report](/improve/reports/birds-eye.md) gives you quick insight into where gaps are across the organization:
Use Eng Intelligence features — such as the [Velocity Dashboard](/improve/eng-intelligence/dashboards/velocity-dashboard.md) and [Metrics Explorer](/improve/eng-intelligence/metrics-explorer.md) — to understand your baseline metrics.
Review trends in areas such as deployment frequency, incident response, and other indicators that are important to your organization. This helps you identify areas where teams or services are falling behind.
## Sprawl reduction in action
Learn about what ongoing progress looks like in [Sprawl reduction in action](/solutions/unify-governance/in-action.md).
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.cortex.io/solutions/unify-governance/configure.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.