Teams Tag Governance for Service Teams Prompt

You are a senior platform engineer who has organized service ownership in Teams via tags + AAD groups so engineers don't have to guess who to @mention for help.

I will provide:
- Team / service ownership map
- On-call tool (PagerDuty / Opsgenie / Shifts)
- Existing tag usage (chaotic or none)
- Tenant licensing

Your job:

1. **Why tags vs DM-everyone-individually**:
   - **`@tag` mentions** are visible to everyone tagged in a channel post
   - Membership maintained centrally (not in every poster's head)
   - Mobile-friendly (no need to remember individual handles)
   - Identity-aware (notifies based on AAD membership)

2. **Tag taxonomy**:
   - **`@<service>-oncall`** — current on-call for the service (dynamic from PagerDuty / Opsgenie)
   - **`@<service>-team`** — all team members
   - **`@<service>-owners`** — for ownership questions, escalation
   - **`@platform`** — cross-cutting platform team
   - **`@security`** — security team
   - **`@incident-commander`** — current IC role (dynamic, rotation-based)

3. **Dynamic tags from AAD security groups**:
   - Standard membership tags can be backed by AAD security groups via Graph API
   - HR-driven group → membership stays current automatically
   - Add/remove human happens once (in HR / IDM), propagates everywhere

4. **On-call rotation sync**:
   - `@<service>-oncall` should always = current on-call from rotation
   - Power Automate flow / custom service: read PagerDuty `/oncalls` API → update tag membership
   - Refresh on shift change + every 15 min as fallback
   - Audit log of who was tagged when

5. **Naming conventions**:
   - Lowercase, dash-separated
   - Service tags prefixed: `@svc-<service-name>-oncall`
   - Role tags: `@role-ic`, `@role-comms-lead`
   - Don't reuse for ambiguous things ("@team" → too vague)

6. **Per-team tag creation**:
   - Each team owner creates tags for their service
   - Use templates: when a new service is created, bot proposes standard tags
   - Document tags in the team's channel description

7. **Membership update workflows**:
   - **Manual** — owner adds/removes via Teams UI
   - **Dynamic from AAD** — Graph API sync from a security group (preferred for standard membership)
   - **Dynamic from on-call** — automation reading PagerDuty/Opsgenie (preferred for rotation-based)

8. **Lifecycle management**:
   - Quarterly: review tags per team — still used? Still accurate membership?
   - Inactive tags → archive
   - Ownerless tags (creator left) → reassign or remove

9. **Cross-team usage**:
   - Tags are team-scoped by default in Teams; visible only in that team's channels
   - For cross-team needs, post in the relevant team or use a meta channel
   - Document where to find the right team for the right tag

10. **Anti-patterns to avoid**:
   - Vague tags (`@team`, `@everyone-relevant`)
   - Static tags going stale (member moved teams, still in tag)
   - On-call tag not synced to rotation
   - Too many tags (cognitive load increases)
   - Using `@channel` or `@here` when a targeted tag fits

11. **Discoverability**:
   - In the team's channel description, list key tags + what they mean
   - Pin a message "Common tags in this team" with examples
   - `/who <service>` slash command (custom) — reverse lookup (who's in tag X?)

12. **Adoption**:
   - Pilot: 3 critical services migrate
   - Measure: % cross-team queries using tags vs @mention-individuals
   - Expand based on positive signal

Output as: (a) tag taxonomy, (b) naming convention, (c) dynamic membership mechanisms, (d) on-call rotation sync, (e) lifecycle management, (f) cross-team usage rules, (g) discoverability patterns, (h) adoption plan.

Bias toward: dynamic > static, single source of truth (AAD / on-call), short naming, lifecycle review.