FinOps Maturity Assessment

This section guides you to perform FinOps Maturity Assessment for your cloud account using CoreStack.


CoreStack can assess your onboarded cloud accounts periodically to identify any violations and generate a FinOps Maturity Assessment Report. This assessment is performed against specific assessment scenarios, each having its own definition and weight.

The assessment analyzes how your cloud account is performing with respect to controlling costs. Cost control identifies whether your resources are managed within your defined budget thresholds. Cost optimization checks if your resources are used in an optimized manner. The assessment also includes details around recommendations and cost avoidance.

Based on the number of violated resources per scenario, a maturity index is derived. This maturity index helps you understand how your cloud account is performing over a set time period.

Maturity IndexDescription
NoviceIndicates that the resources in your cloud account need to be governed more closely for proper cost controlling and optimization.
Advanced BeginnerIndicates that the approach used to govern the resources in your cloud account is basic, and can be improved substantially with respect to cost controlling and optimization.
CompetentIndicates that the resources in your cloud account are governed in a good manner with respect to cost controlling and optimization. However, opportunities exist to improve it further.
ProficientIndicates that the resources in your cloud account are governed in an optimized manner with respect to cost controlling and optimization. There are some minor opportunities for improvement as well.
ExpertIndicates that the resources in your cloud account are governed in an extremely optimized manner with respect to cost controlling and optimization, and no improvements are likely needed.

Required Permissions (AWS, Azure, and GCP)

A cloud account must be configured with the required privileges prior to onboarding the cloud account in order to perform a FinOps Maturity Assessment.

Read-only access to most services should be sufficient for the FinOps Maturity Assessment.



For governance, you can also onboard a cloud account with Assessment + Governance settings.



For Assessments, you must provide access to the following in the Cloud Account being onboarded to CoreStack:

  • Cloud resources to understand whether the resources are configured properly.

  • Monitoring data to understand whether the resources are utilized well.

  • Cost & Usage data to calculate potential savings for recommendations (data for the current month + last 2 months are mandatory).

  • Reservations and/or long-term savings options available for the account to provide purchase recommendations and check that purchases are utilized well.

Onboarding Prerequisites


  1. How to Onboard an AWS Management Account
  2. How to Onboard an AWS Member Account


  1. How to Onboard an Azure Subscription (Pay as You Go)
  2. How to Onboard an Azure CSP Direct Account
  3. How to Onboard an Azure CSP Subscription
  4. How to Onboard an Azure EA Subscription


  1. How to Onboard a GCP Billing Account
  2. How to Onboard a GCP Linked Project

FinOps Maturity Assessment Score

CoreStack provides a comprehensive FinOps Maturity Assessment Report for your cloud accounts. You can view the assessment score for your cloud account that is identified based on the resources assessed. Cost avoidance is estimated for each of the assessment categories in your cloud account.

Cloud admins can perform an assessment of their cloud accounts to view the governance index and compare them against each other to see where they stand according to others in CoreStack or industry benchmarks. You can generate an automated assessment report every month to visualize the improvements/decline in the index.

Score = ((100 - % of Potential Cost Savings) 0.5) + ((100 - % of Violated Resources) 0.1) + ((100 - % of Budget Violations) 0.2) + ((100 – % of Untagged Resources) 0.2)

  • % Of Potential Cost Savings = ((Potential Cost Savings) / Average Monthly Cost) * 100)
  • % Of Violated Resources = (Total Violated Resources / Total Resources Assessed) * 100
  • % Of Budget Violations = (Total Violated Budget Scenarios / Total Budget Scenarios Assessed) * 100

How it works

CoreStack has a defined set of assessment scenarios based on your cloud platform, cloud services, and cloud resource types that are available in your cloud account. These assessment scenarios are based on Industry Standards and Best Practices, including those recommended by AWS, Azure, and GCP. There are scenarios available for each Governance Pillar: Operations, Security, Cost, Access, and Resource Consistency.

The system checks the status of your cloud environments against these standards for each of the 5 pillars and provides a consolidated report that covers multiple aspects of your cloud accounts. For example, an Operations assessment will include checks for multiple aspects such as Monitoring, Utilization, Activities, Automation, Backup, Patching, etc. Similarly, each pillar will have all their key areas covered as part of the assessment.

The system checks for the compliance percentage across your resources for each assessment scenario. And each scenario carries a certain weight based on how critical that is. An Assessment Score is provided for your cloud account by calculating the weighted average of the results across all scenarios.

Azure Hybrid Benefit

Azure Hybrid Benefit is a cost-savings benefit that lets you bring your existing on-premises Windows Server and SQL Server licenses with active Software Assurance or subscriptions to Azure.

To know more, please click here:


The cost usage reports are available in the Reports > Cost section. You can select the required cloud account and view its report(s).

Assessment Reports

CoreStack provides a detailed FinOps Maturity Assessment Report for specific Governance Pillars and Cloud Accounts.

The report summary provides information about each assessment scenario for the selected cloud account, as well as an overall score for the account and the Governance Pillar. This helps to understand the specific areas where the account requires improvements and recommend any necessary next steps.

The fields available in the Assessment Summary section are:

  • Assessment Sub-Category
  • Assessment Group
  • Assessment Scenario
  • Total Violated Resources
  • Total Resources Assessed
  • Potential Cost Avoidance



For the Config assessment category, cost avoidance data will not be available for a few of the cases. These cases will be supported shortly and are planned for a future release.

The report can be printed or exported in PDF and Excel file formats. While in the report, you can switch between different Tenants, Cloud Accounts, and Assessment Dates to view the report and export the one that you need to.

The Assessment Detail section provides a deeper view into the assessment results. You can view the number of violated resources and total number of resources assessed for each of the assessment scenarios.

The fields available in the Assessment Detail section are:

  • Description
  • Resource Type/Resource
  • Total Resources Assessed
  • Number of Violated Resources
  • Total Estimated Monthly Cost Avoidance
  • Recommendations

The actual resources that are in violation are also listed after each Assessment Category. This helps the cloud admin to identify the actual resources in violation so they can take immediate action to resolve them.

FinOps Maturity Assessment Report

The FinOps Maturity Assessment Report contains the following sections:

  • FinOps Assessment: This section provides an overview of the FinOps maturity level of your cloud account.
  • FinOps Assessment Summary: This section summarizes the information identified for different FinOps assessment scenarios for your cloud account, and are grouped based on the categories.
  • FinOps Assessment Detail: This section provides further details for each resource involved in the FinOps Maturity Assessment and provides associated information to remediate any resource violations in your cloud account.
  • Cost Visibility: This section provides an overview of the actual costs incurred by resources against their forecasted costs.
  • Cost Insights: This section presents insights on various factors such as regions and tags that are available on your chosen cloud platform.
  • Assessment Visibility: This section provides a summary of the resources that are involved in the assessment.

Visibility and Insights are captured as a snapshot and persist once the assessment is completed. This helps you to relate cost avoidance, resources, and other details together. Point-in-time data for costs will be available only in the Posture & Other Cost Reports section.

Recommendations related to reservations are provided as part of the AWS management account that's consolidated for all the AWS member accounts.

A sample report is shown below.