This article shows the permissions that Recore Governance Needs.
Rencore Governance needs specific permissions in order to operate correctly below is a list of the permission needed as documented by Microsoft which can be found here.
Connect to tenant
User Impersonation (Delegated).
Governance for PowerAutomate, Teams, Office 365 Groups
Governance for SharePoint
Sites.FullControl.All (Application to retrieve site owners, workflows, sandboxed solutions).
Governance for Teams Messages