Case Study: How a financial services leader built scalable governance and ITSM with Atlassian Cloud

The Client

A fast-growing Brazilian financial services company was looking to standardize its service management and software development lifecycles. Their goal was to achieve robust governance, seamless scalability, and an enhanced user experience. Strategically, the project aimed to deliver high-level compliance, operational automation, an integrated knowledge base, and a unified service portal—all while ensuring enterprise-grade security through SSO/MFA and Active Directory-driven group management.

Background & Context

Starting Point: The company already had a service catalog and was structuring its squads. However, it needed to consolidate squad workspaces in Jira Software and bring ITSM processes (Incident, Request, Change, and Problem Management) into Jira Service Management (JSM). This setup had to integrate seamlessly with their external repository (GitHub) while establishing clear access control, roles, and visibility.
Scope & Goals: Deploy an integrated environment featuring Jira Service Management (JSM), Jira Software, and Confluence. This included a unified service catalog and help center, custom SLAs, queues, and automations. It also required setting up SSO/MFA (via Atlassian Guard + Azure AD) and a CMDB (Assets) to serve as the master data source for forms and governance.
Organizational Challenges: Defining roles, groups, and approvers per environment; maturing SLA management; consolidating the service catalog; and migrating/organizing spaces and content within Confluence.
Technical Challenges: Managing permissions governance (company-managed projects, boards, and filters), integrating Atlassian Guard with Azure AD, structuring the CMDB and discovery workflows, building Change Management (GMUD), Incident, and Problem workflows with maintenance windows and approval gates, and bridging the operational gap between JSM and the development pipeline.

The Solution

Nimble Evolution led an iterative, sprint-based implementation. The approach combined process design with technical cleanup and standardization, with a heavy focus on scalability, compliance, and user experience.

Architecture & Governance

Built on a company-managed architecture for both JSM and Jira Software, standardizing workflows, fields, permissions, and schemes.
Implemented SSO/MFA using Atlassian Guard integrated with Azure AD (Entra ID), featuring verified domains and automated group syncing for access control and approvals.
Created a streamlined role model (Guest / Developer / Administrator) and overhauled boards and filters to ensure controlled visibility and strict governance.

ITSM Processes & the Service Portal

Service Requests (JSM): Created dedicated request types mapped directly to the service catalog. Implemented dynamic forms, user/beneficiary fields, and strict guidelines for using the Summary field. Established area-specific queues, group-based visibility, and an integrated knowledge base.
Incident & Problem Management: Built workflows with strict status controls and resolution rules, set up first-response and resolution SLAs, and created automations to trigger Problem records automatically upon Incident closure.
Change Management: Designed workflows for both Standard and Emergency changes, featuring implementation windows, environment-specific approvals (Tech Leads/Managers, Infra, and Security groups), and scheduled transition automations based on configured windows.

Help Center: Branded the customer portal with a custom layout, revised categories by department (IT, HR, Security, etc.), and applied group-based access restrictions.

Integrated Development Pipeline

Configured Jira Software using the Scrum framework, defining standard issue types (Story, Task, Bug, Tech Debt, Sub-task), customized workflows (including a “Refinement” stage), boards with WIP limits and swimlanes, and standardized fields for metrics.
JSM-to-Dev Integration: Conducted end-to-end testing to ensure a seamless flow from initial portal submission through development tracking and back to the customer, supported by comprehensive documentation in Confluence.

CMDB (Assets) & Knowledge Management

Incremental CMDB: Defined asset classes and attributes for approved software (version, criticality, status) to populate dynamic, filtered dropdowns within JSM forms.
Discovery Integration: Centralized IT asset discovery in Lansweeper, integrating it directly with Jira Assets and leveraging Flow Builder for operational automations.
Knowledge Base: Set up Confluence spaces with standardized structures and templates, configuring them to automatically suggest relevant articles in the customer portal.

Security, Permissions, and Operations

Group Overhaul: Reviewed and restructured core groups (TechLead, TechManage, Production/Staging Approvers, Infra, Security, and Leadership) to eliminate duplicates and optimize license usage, leveraging “Guest” roles wherever applicable.
Targeted Visibility: Configured change and service requests to be shared only with specific approvers/participants, moving away from broad, organization-wide visibility.

Operations & Support: Established a Nimble support model featuring post-go-live hypercare, a monthly hours retainer for continuous improvements, and ongoing training via Atlassian University and community resources.

Results

The newly deployed environment is fully scalable, highly secure, and validated across all critical workflows. The unified portal, queues, and SLAs are ready for internal testing; the development pipeline is fully integrated, tested, and documented; and the change management process is live with automated windows and group-based approval gates.

Operational Speed: Department-specific queues and tailored SLAs allow for instant prioritization and tracking. User-friendly, objective forms minimize back-and-forth and streamline triage.
True Governance: Standardized projects and permission schemes are now live, with crystal-clear roles and groups. Visibility is strictly managed via automatic sharing, and sensitive portals (Change/Incident) are restricted exclusively to IT.
End-to-End Integration: Service requests and incident reports flow into development predictably, backed by living documentation and clear handoffs.
Integrated Knowledge Base: Real-time article suggestions on the portal and a standardized Confluence structure speed up resolution times and increase self-service deflection.
CMDB as a Living Asset: Pre-approved software lists seamlessly feed into user forms, while the Lansweeper integration solidifies a single source of truth for assets.
Security & Compliance: SSO/MFA, synchronized groups, and audit-ready approval trails ensure full compliance with financial industry regulations and standards.
Embedded Best Practices: The company successfully adopted reusable workflows, MVP-focused forms, group-based approval delegation, continuous documentation in Confluence, and a structured testing/hypercare rhythm during go-live.