Governance in SharePoint is all about how we govern the system, implement a better process so that IT and Business work effectively to get a better ROI out of the SharePoint Implementation.
I have laid down my experiences of how the governance around SharePoint is implemented and this might or might not suit everybody’s requirement. Governance implementation may vary from organization to organization depending on requirements.
The implementation of the SharePoint platform in a large organization creates a paradigm shift in the way people collaborate and Manage information. The Shift affects all people in an organization. So proper planning, implementation and support of SharePoint infrastructure will be a critical success for user adoption in the organization.
SharePoint is provided as a service by the IT Organization for the Business. Planning for People, Process and tools involved to manage the SharePoint environment is the first step.
An enterprise needs to think about the different roles, skills and expertise required for managing a SharePoint implementation. A typical large scale SharePoint implementation would require multiple teams to manage SharePoint platform. There can be mix of people from different groups but the members should have the skill to execute the responsibilities. I have laid down some of the key teams below.
Team Roles & Responsibilities:
Owner of the SharePoint Application
Makes decisions and approves major requests from the Architecture, Governance, Sustain teams.
Ensures that SharePoint service is provided effectively for the organisation.
Owner of the SharePoint Architecture
Design and Develop the SharePoint Implementation.
Reviews and decides the SharePoint infrastructure high level change requests.
Decides on major development requests and identify on whether the solutions can be made in-house or sourced to a vendor based on the cost, complexity, time and skills required to implement it.
Govern and Control usage of SharePoint Infrastructure.
Owns the Governance Plan.
Ensures that ROI is met with the SharePoint Implementation.
Design information architecture and ILM Policies.
Defines Usage Policies to meet organization goals.
Defines policies to manage the security and information lifecycle policies.
Drives Adoption and improve productivity for User base.
Ensures that the system is in compliance with the Governance policies by periodically auditing the environment
Sustain Team (Change, Incident and Availability)
Sustains the SharePoint infrastructure being the owner of the running system.
Supports end users for issues.
Ensures that SharePoint availability meets as per the SLA agreements defined by the governance team.
Implements change requests from other teams
Application Engineering Team
Technical Engineering team that reviews and approves custom development requests.
Prioritizes the development requests from the business community and SharePoint Owners.
Develops technical solutions for business requests.
Owns Application Lifecycle Management practices
Develops SharePoint training materials for End users
Conducts training sessions on usability and features for end users.
Executes training requirements as defined in the governance plan.
The Governance team:
The Governance team generally consists of Business owners, Enterprise level Architects, Compliance officers, IT Strategists and Representative from the business who should drive strategic initiatives for their respective internal business organizations.
A Governance plan will be developed by the team which defines the Process and Procedures needed to regulate and control the usage of the SharePoint system.
The Governance team regularly audits the usage of the process to identify what works well and what needs to be tailored based on the changing business needs.
The Governance Plan:
Governance plan should have the below segments
1. Provisioning Governance
· SharePoint has a hierarchical set of containers where a provisioning process can be defined at each level. A request can vary from provisioning a new farm till provisioning a site collection in a farm.
· Moving Site Collection between Content databases, Moving Web Application between Farms are some of the provisioning examples that need to be planned by the governance on how it should be handled. The process for provisioning under a Site Collection will be defined by the Site Collection administrator and it is out of governance team’s scope.
2. Process Governance
· Define document management process such as usage, archival, content retention and expiration.
· Create procedures for managing new requests of application development and System Re-engineering requests.
· Create procedures that defines how IT Team support end user requests and issues.
· Training plan and procedures for end users.
3. System Governance
· Identify the different technical roles and responsibilities that would be required to manage the SharePoint system.
· Define service level and operational level agreements for SharePoint service.
· Global Operations Policies that include disaster recovery strategy,
· Application usage policies that defines
1. How an end user can get access and use the SharePoint system.
2. How a user can request for site collection and be an administrator for a site.
3. What type of content can be stored in SharePoint?
4. How to contact helpdesk or admins to get help on SharePoint usage.
· Define usage of software licenses, hardware and network.
· Define and classify content based on the business information that will be stored in the SharePoint.
· Define backup/restore policies.
· Define how and when does the Scheduled maintenance activity be performed.
· Define how to effectively communicate to end users for SharePoint service alterations, interruptions and additions.
· Define how and what level of support to be provided for the end users.
· Define Application lifecycle management process and practices.
4. Development Governance
· Define and review architectural practices similar to traditional software development.
· Should establish development, and testing environments.
· Define and track usage of standards for creation and deployment of custom code.
5. Data Governance:
The data is being stored in SharePoint by Information workers and content owners. So with their input, activities that can be performed within the content lifecycle can be defined and responsibilities to manage can be appropriately assigned for the stakeholders.
Content Lifecycle policies is about who can add content, type of content and to which repository it should be added, security restriction applied to content, rules around how content should be organized, when content gets expired, How it gets archived and how user can find content.
Below I have explained with a diagram about how data is being classified and stored within SharePoint
Sites are grouped in repositories that share certain common features and the repositories are identified by the same root address (URL). The pyramid below shows the relative percentage in each repository and the degree of governance and central control exercised on those repositories which should be implemented in a typical medium to large scale SharePoint implementation.
At the very top of the pyramid are a few highly regulated enterprise portals like Employee or Corporate Portal. At the middle, majority of SharePoint Sites fall under Team/Divisional Collaboration and Content Management category that are controlled and have a moderate business importance .At the bottom, MySite are the most numerous and least regulated of the sites. Every end user will be able to create a MySite and manage the content within their site.
Controlled SharePoint Policies and Procedures:
The Key to success of a SharePoint platform is to increase user adoption by making information about SharePoint easily available to end users. The common procedures like requesting a site collection by end users should be automated so that end users dependency on IT is reduced.
Below are some of the procedures that are controlled with policies and processes around it.
1. Request to provisioning a Site Collection. (Governed by Site Creation policy and Content owner Policy)
2. Request to increase storage quotas for Site Collections. (Governed by quota management and storage policy)
3. Request to increase the Sandbox points for Site Collections. (Governed by Quota management and storage policy)
4. Request to add new managed paths
5. Request for SharePoint training (Governed by global training policy)
6. Request for exposing the Site collection over the internet to external users.
7. Request for adding Search Keywords and Global Term sets for Enterprise Search platform.
8. Request for Security classification of a Site. (Governed by Information Lifecycle Management policy)
9. Request for Moving a Site into a different URL.(Governed by Backup/Restore policy)
10. Request for Vanity URL.
11. Request for content restore from backup. (Governed by Backup/Restore policy)
12. Site Renewal/Decommissioning process based on site lifecycle defined.
13. Request for SharePoint Common Apps to be provisioned. (Governed by App Lifecycle Policy)
A manual process or an automated tool can be built to manage workflows and processes for above SharePoint procedures.
To be Continued……..
In my next series, I have planned to share my experiences around Measuring ROI for your SharePoint Implementation, Information Architecture, Governance and Compliance.