Back to BissyApps

Low-Code/No-Code Center of Excellence Framework

Enterprise Governance Model for Citizen Development at Scale

Framework Version: 2.0

Classification: INTERNAL USE

Date: December 2025

Mission Context: Enable rapid application delivery through governed citizen development while maintaining enterprise security, compliance, and architectural integrity. Balance velocity with risk through tiered governance, reusable components, and fusion team collaboration models.
Framework Pillars
1Governance & Policy
  • • Platform standards & guardrails
  • • Data classification rules
  • • Integration approval workflows
  • • Shadow IT prevention
2Platform Portfolio
  • • Platform rationalization
  • • Capability mapping
  • • License optimization
  • • Vendor management
3Enablement & Training
  • • Certification programs
  • • Reusable component library
  • • Templates & accelerators
  • • Tiered support models
4Delivery & Operations
  • • Application lifecycle mgmt
  • • Environment strategy
  • • CI/CD for LC/NC
  • • Retirement criteria
5Security & Compliance
  • • Identity integration (PIV/CAC)
  • • DLP policy enforcement
  • • API security controls
  • • FedRAMP/IL alignment
Operating Model & Value Flow
📥 Demand Intake
Business Request
Use case submission
Triage Assessment
Complexity scoring
🎯 Classification Engine
Tier 1
Personal
Self-service
Tier 2
Departmental
Light review
Tier 3
Enterprise
Full governance
⚡ Fusion Team Operating Model (Highest ROI)
👤
Citizen Developer
Business domain expert
Rapid prototyping
Components
Requirements
👨‍💻
Pro Developer
Complex integrations
Reusable components
+
🛡️
IT Governance
Security oversight
Architecture alignment
ROI Driver: 10-50x productivity multiplier through bidirectional collaboration
📦 Reusable Component Library (High ROI)
🔐
Auth Patterns
PIV/SSO/MFA
🔗
Connectors
Pre-approved APIs
📋
Templates
Forms/Workflows
🎨
UI Kits
Design system
📊
Dashboards
Analytics patterns
Compliance
FISMA patterns
🛤️ Golden Path
Principle: Make compliance easier than shadow IT
Pre-approved patterns
Auto-provisioning
Built-in guardrails
📈 Success Metrics & KPIs
Days→Hours
Time to Value
60-80%
Component Reuse Rate
<5%
Pro-Dev Escalation
Zero
Security Incidents
85%↓
App Backlog Reduction
Platform & Maturity
🏗️ Enterprise Platform Stack
Microsoft Power PlatformLC/NC
ServiceNow App EngineITSM
Salesforce PlatformCRM
Mendix / OutSystemsLCAPs
📊 COE Maturity Model
1
Ad Hoc - No governance
2
Reactive - Basic policies
3
Defined - Formal COE
4
Managed - Metrics-driven
5
Optimizing - Continuous
💰 ROI Summary
Fusion Teams
10-50x development multiplier
Component Library
Solve once, deploy many
Tiered Classification
Right-size governance
Key Stakeholders
  • • COE Director / Lead
  • • Business Unit Champions
  • • Enterprise Architects
  • • Security & Compliance Officers
  • • Platform Administrators
Critical Success Factors
  • • Executive sponsorship
  • • Clear platform selection criteria
  • • Investment in enablement
  • • Balanced governance (not bottleneck)
  • • Metrics that matter
Governance Framework
  • • NIST Cybersecurity Framework
  • • FedRAMP / StateRAMP (if applicable)
  • • DoD Cloud Computing SRG (IL2-6)
  • • Enterprise Architecture Standards
  • • Data Governance Policies
Implementation Phases
  • • Phase 1: Platform Rationalization
  • • Phase 2: Governance Foundation
  • • Phase 3: Enablement Launch
  • • Phase 4: Scale & Optimize
  • • Phase 5: Continuous Improvement
LC/NC Center of Excellence Framework | Enterprise Governance Model v2.0POC: Enterprise Architecture Office | Classification: Internal Use Only