Microsoft Azure Cost Optimisation Assessment: 20-Point Expert Checklist

Azure Cost Management provides free built-in cost analysis, budgets, and alerts. Many organisations have Cost Management enabled but have not configured meaningful cost views because resource tagging is incomplete. Expert note: Configure Azure Cost Management views for your top 10 cost-generating subscriptions. Set up daily cost exports to a storage account for historical analysis. If resource tagging is incomplete, implement a tagging policy requiring environment (prod/dev/test), owner, and cost-centre tags on all new resources. Untagged resource cost is unattributable cost — and unattributable cost is unmanaged cost.

Budget alerts notify stakeholders when Azure spend exceeds defined thresholds — typically 80 percent and 100 percent of monthly budget. Without alerts, cost overruns are only identified when the invoice arrives. Expert note: Set budget alerts for every production subscription at 80 percent and 100 percent of expected monthly cost. Add a forecast alert at 90 percent of budget to catch projected overruns before they materialise. Route alerts to both the team responsible for the workload and the cost centre owner. Monthly budget review should be a standing agenda item for every engineering team running Azure workloads.

Azure Advisor continuously analyses your Azure environment and generates cost, performance, security, and reliability recommendations. The cost recommendations are validated by Microsoft's usage data and are generally accurate. Expert note: Open Azure Advisor in the Azure portal and filter for Cost recommendations. Sort by estimated annual saving. Implement all recommendations with high confidence and low implementation effort first — typically right-sizing underutilised VMs, deleting unattached disks, and converting eligible pay-as-you-go workloads to Reserved Instances. Assign a quarterly Advisor review to your Azure governance team.

Azure Policy prevents costly configurations before they are deployed. Policies limiting VM SKU sizes in non-production environments, requiring cost-centre tags on all resources, and restricting deployments to approved regions prevent cost overruns at the point of creation. Expert note: Deploy a core governance policy set covering: (1) allowed VM SKU sizes by environment; (2) required tags (cost-centre, owner, environment) with deny effect for non-compliant resources; (3) permitted regions limited to your operational geography; and (4) no public IP addresses in development subscriptions. These policies are deployable in under a day and prevent a recurring class of cost governance failures.

Azure subscription sprawl — dozens or hundreds of subscriptions without a coherent management group hierarchy — creates visibility gaps, inconsistent policy enforcement, and billing complexity. Expert note: Inventory all Azure subscriptions and map them to your management group hierarchy. Identify subscriptions that are unused, have zero resources, or lack a named owner. Decommission unused subscriptions and consolidate where logical to simplify governance. A well-structured management group hierarchy with consistent policy inheritance is the foundation of scalable Azure cost governance.

VMs with average CPU utilisation below 10 percent and average memory utilisation below 30 percent are candidates for right-sizing to a smaller SKU. VMs with zero activity for 7 days are candidates for deallocation. Expert note: Pull 30-day CPU and memory utilisation metrics from Azure Monitor for all production VMs. Sort by average CPU utilisation. VMs below 10 percent average CPU are right-sizing candidates. Apply Azure Advisor's right-sizing recommendation for the specific VM — it accounts for peak usage, not just average — before resizing production workloads. Right-sizing is typically the highest-ROI single action in an Azure cost review.

Pay-as-you-go pricing for stable production VMs is 40–72 percent more expensive than Reserved Instance pricing for equivalent coverage. Any VM that has been running continuously for more than 6 months is a strong RI candidate. Expert note: Pull VM uptime data from Azure Monitor for the past 3 months. VMs with greater than 95 percent uptime are your primary RI candidates. Calculate the 1-year and 3-year RI saving for each candidate. Purchase 1-year RIs for VMs where workload continuity is less certain; 3-year RIs for core infrastructure VMs with no planned migration. Commit to RIs in monthly instalments where cash flow is a consideration — Microsoft supports this payment model.

Azure Spot Instances use spare Azure capacity at up to 90 percent discount versus pay-as-you-go pricing. They are subject to eviction when Azure requires the capacity back, making them suitable for batch jobs, data processing pipelines, and development workloads but not production transactional systems. Expert note: Identify workloads in your Azure estate that can tolerate interruption: CI/CD build agents, batch data processing jobs, machine learning training runs, and non-critical dev/test environments. Migrate these to Spot Instances. A batch processing workload running 200 hours per month at Standard_D4s_v4 pay-as-you-go costs approximately $580/month. The equivalent Spot Instance cost is approximately $58–$100/month.

Azure Hybrid Benefit allows customers with active Software Assurance on Windows Server and SQL Server licences to run equivalent Azure workloads at significantly reduced cost. Despite being a standard EA benefit, many organisations have not applied it consistently. Expert note: Check Azure Hybrid Benefit status on every Windows Server and SQL Server VM in the Azure portal (visible in VM properties). Apply the benefit to all eligible VMs. For Windows Server, Hybrid Benefit reduces the software component cost to zero on standard Azure VMs. For SQL Server, it reduces SQL licensing cost by up to 55 percent compared to licence-included pricing. This is a configuration change — the licences are already paid for through your EA.

Burstable VM SKUs (B-series) are designed for workloads with low average CPU utilisation that occasionally burst to higher utilisation. They are typically 30–50 percent less expensive than equivalent standard D-series VMs. Expert note: Review your VM SKU mix and identify VMs on D-series or E-series with average CPU utilisation below 20 percent. These are strong B-series candidates. B-series VMs accumulate CPU credits during low-utilisation periods and spend them during bursts — the B4ms (4 vCPU, 16GB) is approximately 35 percent less expensive than a Standard_D4s_v3 with similar vCPU and memory. Test B-series candidates in staging before production conversion.

Azure Blob Storage hot tier costs approximately $0.018/GB per month. Cool tier costs $0.01/GB. Archive costs $0.00099/GB. Data that is not accessed frequently should not be in the hot tier. Expert note: Implement Azure Storage Lifecycle Management policies that automatically transition blobs to Cool tier after 30 days of no access and to Archive tier after 90 days. Apply this policy to all storage accounts holding logs, backups, and historical data. A 10TB storage account containing mostly infrequently accessed data can reduce from ~$180/month to ~$10–$30/month by moving to appropriate tiers.

Azure SQL Database is frequently provisioned at sizes based on peak capacity estimates that are rarely reached in production. A database provisioned at 16 vCores that consistently uses 2–4 vCores is 4–8x over-provisioned. Expert note: Review Azure SQL Database performance metrics in the Azure portal — CPU percentage, DTU percentage, log IO percentage — over 30 days. If average utilisation is below 20 percent of provisioned capacity, scale down the tier. Azure SQL Database Serverless is an alternative for development and test databases with intermittent usage patterns — it auto-pauses when idle and charges only for actual compute time.

Azure Cosmos DB provisioned throughput is billed at the configured RU/s level regardless of actual consumption. Databases provisioned for peak throughput that is rarely reached are significantly over-provisioned. Expert note: Review your Cosmos DB containers' normalised RU consumption in the Azure portal. Containers with normalised RU consumption consistently below 10 percent of provisioned throughput are strong autoscale candidates. Autoscale adjusts throughput between 10 percent and 100 percent of the configured maximum, reducing cost during low-utilisation periods. For containers with predictable, high, continuous throughput, manual provisioning at the right level remains more cost-effective.

Azure charges for data leaving Azure datacentres — egress to the internet, to other regions, or to on-premises. Egress charges are invisible in standard VM pricing and often surprise teams when they appear on invoices. Expert note: Pull network billing data from Azure Cost Management filtered by meter category 'Bandwidth'. Identify the top egress cost drivers. Common sources: inter-region data replication, public internet data delivery without CDN, and backup data transfer to on-premises. Evaluate whether Azure CDN (caching public content), ExpressRoute (replacing internet egress for on-premises connectivity), or data architecture changes (collocating data with its consumers) could reduce egress costs materially.

Azure Backup storage is priced based on backup data size and retention period. Default retention policies — sometimes configured as indefinite — result in continuously growing backup storage costs. Expert note: Review your Azure Backup vault policies and compare retention periods against your organisation's actual recovery requirements. Daily backup retention of 30 days, weekly retention of 12 weeks, and monthly retention of 12 months is sufficient for most workloads. Indefinite retention should require specific business justification. Reducing retention from indefinite to policy-compliant can reduce Azure Backup storage costs by 30–60 percent for mature deployments.

A monthly FinOps review is the single most effective process improvement for Azure cost management. It creates accountability, surfaces anomalies before they compound, and drives action on optimisation recommendations. Expert note: Structure the monthly FinOps review around four topics: (1) cost vs. budget variance by subscription and workload; (2) top anomalies identified by Azure Cost Management anomaly detection; (3) Azure Advisor recommendations implemented and planned; and (4) Reserved Instance and Savings Plan utilisation rates. Keep the meeting to 60 minutes with a consistent agenda. Assign owners to every open action item.

Azure cost is frequently managed by a central IT function with limited visibility into which engineering teams are driving spend. Showback — reporting Azure cost by team without financial transfer — creates accountability without the complexity of full chargeback. Expert note: Configure Azure Cost Management to produce monthly cost reports grouped by team tag or resource group and distribute them to engineering managers. The act of making cost visible to the teams responsible for it consistently reduces waste by 10–20 percent without any technical changes — teams simply make better decisions when they can see the cost impact of their architectural choices.

Ad hoc Azure portal resource creation bypasses cost governance controls. Infrastructure-as-code (Terraform, Bicep, ARM) combined with cost estimation tools enables cost review before resources are deployed. Expert note: Implement a pull request approval gate for IaC changes that provision resources costing more than $500/month. Use Azure Pricing Calculator or Infracost to generate cost estimates at the IaC review stage. Engineers see the cost impact of their architectural decisions before they deploy — this creates cost awareness at the point of maximum leverage.

Azure Marketplace subscriptions — third-party security tools, monitoring platforms, data integration services — are billed through Azure but often escape the same governance scrutiny as native Azure resources. Expert note: Pull Azure Marketplace charges from your Azure invoice or Cost Management. For each Marketplace subscription, confirm: active usage, named business owner, and cost justification versus native Azure alternative. Marketplace tools that have been superseded by native Azure capabilities (native monitoring replacing third-party APM, Defender replacing third-party EDR) should be removed at their renewal date.

Azure architecture evolves rapidly. Workloads designed and deployed 2–3 years ago may have more cost-efficient alternatives available today — PaaS services instead of IaaS, serverless instead of always-on VMs, managed database services instead of self-managed SQL on VMs. Expert note: Conduct a quarterly architecture review for your top 10 cost-generating workloads. For each, assess: (1) is a PaaS equivalent available that would reduce operational overhead and cost? (2) could the workload benefit from containerisation with AKS to improve density and reduce VM count? (3) are there newer Azure service tiers (e.g., General Purpose v5 VMs with improved price-performance versus prior generations) that would improve economics? Architecture modernisation is the highest-leverage long-term Azure cost strategy.