I led a post-acquisition Azure cloud consolidation assessment for a global healthcare and medical device company that had recently acquired a hospital technology subsidiary. The engagement evaluated both Azure environments — the parent company's established tenant and the acquired subsidiary's environment — against Microsoft's Well-Architected Framework (WAF) and Cloud Adoption Framework (CAF) across five weighted pillars.
I produced a full maturity scorecard for both tenants, revealing a significant gap: the parent organization scored 71.61/100 (average maturity 3.4/5) while the acquired subsidiary scored 45.07/100 (average 2.05/5). The Fit-Gap Assessment identified specific technical, governance, and operational divergences — including the absence of any IaC standards in the acquired entity's environment. My recommendations addressed the consolidation path, AAD tenant strategy, IaC standardization, and a phased cost optimization and governance alignment roadmap.
Parent Organization — Strengths
- Mature Terraform IaC foundation — all infrastructure deployed via code, module registry in use
- Centralized Azure AD tenant with PIM, Conditional Access, and MFA enforced
- Azure Security Center (Defender for Cloud) enabled with high coverage
- Tagging taxonomy and cost management policies consistently applied
- Established DevOps pipelines (Azure DevOps) for application and infrastructure deployments
- Operational Excellence scoring highest (4.00 avg) — runbooks, incident playbooks, monitoring in place
Acquired Subsidiary — Key Gaps
- No IaC standards — all infrastructure deployed manually through Azure Portal clicks
- Separate Azure AD tenant with minimal Conditional Access and no PIM
- Defender for Cloud enabled but unconfigured — low coverage and alert backlog
- No tagging standards — cost allocation by resource group only, significant blind spots
- Manual release processes with no CI/CD — deployment lead times measured in days/weeks
- HIPAA and GDPR data residency requirements not fully mapped to resource configurations
Maintain Separate Azure AD Tenants — Do Not Merge
I recommended retaining separate Azure AD tenants for the parent and acquired subsidiary rather than attempting a full tenant merge. A merge would require extensive network re-architecture, complex identity migration, and risk disruption to HIPAA-regulated workloads. The subsidiary's GDPR data residency constraints also create compliance complications in a merged tenant. Instead, I designed a shared governance model using Azure Lighthouse and cross-tenant monitoring to provide unified visibility without merging identity boundaries.
Adopt Parent's Terraform IaC Standards Across Both Tenants
The parent organization's Terraform module library and CI/CD pipeline design was the single most impactful gap to address in the acquired environment. I recommended a phased IaC adoption program for the subsidiary — beginning with the network foundation and security controls, followed by application infrastructure. This eliminates configuration drift and creates an auditable deployment history required for HIPAA compliance.
Align Backup, Recovery, and BCDR Standards
Backup and recovery configurations diverged significantly between tenants. The parent had documented RPO/RTO targets and Azure Backup policies enforced via Policy-as-Code; the subsidiary had ad-hoc backup configurations with no documented SLAs. I recommended adopting the parent's backup policy framework across both tenants, with HIPAA-specific retention adjustments for the subsidiary's regulated datasets.
Unified Cost Optimization Roadmap
Cost Optimization was the lowest-scoring pillar for the parent organization (2.57 avg) and among the lowest for the subsidiary. I produced a consolidated cost optimization roadmap addressing Reserved Instance coverage, right-sizing opportunities, Azure Hybrid Benefit utilization, and storage tiering — with estimated savings calculated for both tenants independently and combined.
WAF Assessment Methodology
Used Microsoft's Well-Architected Framework review process with weighted scoring across 5 pillars — Security & Governance (highest weight at 54.3 pts), Cost Optimization, Operational Excellence, Reliability, and Performance Efficiency.
CAF Alignment Review
Evaluated both environments against the Cloud Adoption Framework's Strategy, Plan, Ready, and Govern disciplines — assessing governance policies, landing zone design, and organizational readiness for continued cloud adoption.
HIPAA & GDPR Compliance Mapping
Mapped the acquired subsidiary's data residency and HIPAA requirements to Azure resource configurations — identifying gaps in encryption, access control, audit logging, and regional data placement that needed to be addressed before consolidation.
Scorecard Matrix & RACI
Produced a detailed scorecard matrix comparing both tenants across all WAF sub-dimensions, a RACI for the consolidation program, and a project plan with milestones for IaC standardization and governance alignment.
WAF Maturity Scoring
Led the full Well-Architected Framework assessment across both Azure tenants — conducting technical interviews, reviewing resource configurations, and producing weighted scores across all 5 pillars for each environment.
Fit-Gap Analysis
Produced the detailed Fit-Gap Assessment documenting the technical, governance, and operational divergences between both tenants — providing the decision-making foundation for the consolidation roadmap.
AAD Tenant Strategy
Designed the separate-tenants architecture with Azure Lighthouse and cross-tenant governance — validating that a merge was higher-risk than the governance overhead of maintaining two identities with shared policy frameworks.
IaC Adoption Roadmap
Designed the phased Terraform adoption plan for the acquired subsidiary — module-by-module, with CI/CD pipeline design, state management strategy, and security control prioritization aligned to HIPAA requirements.
Cost Optimization Analysis
Produced a combined cost optimization roadmap for both tenants — Reserved Instance coverage analysis, right-sizing recommendations, Hybrid Benefit opportunities, and storage tiering — with estimated annual savings per initiative.
Deliverables & Stakeholder Alignment
Produced all deliverables — executive summary, consolidation deck, scorecard matrix, Fit-Gap assessment, RACI, and project plan — and presented findings to both technical and executive stakeholders.
| Deliverable | Description | Format |
|---|---|---|
| Executive Summary | C-suite readout: assessment findings, maturity scores, strategic recommendations, and next steps | PPTX |
| Consolidation Summary | Detailed consolidation assessment — AAD strategy, governance alignment, and IaC adoption roadmap | PPTX |
| Fit-Gap Assessment | Technical and operational gap analysis between both Azure tenants across WAF pillars | DOCX |
| Scorecard Matrix v1 & v2 | Weighted WAF scoring across both tenants — all pillar sub-dimensions with maturity ratings and evidence | XLSX ×2 |
| Cloud Selection Scorecard | Evaluation framework validating Azure as the continued platform for both entities post-consolidation | XLSX |
| RACI Draft | Responsibility matrix for the consolidation program — across IT, Security, Compliance, and Business stakeholders | XLSX |
| Project Plan | Phased project schedule for IaC adoption, governance alignment, and BCDR standardization milestones | XLSX |