Develop a SharePoint Governance StrategyBring a Sheriff to the SharePoint Wild West
This research is designed for…
This research will help you…
Understand what SharePoint elements require governance.
Create a SharePoint governance model and plan.
Govern SharePoint on an on-going basis.
CIOs and IT managers who have already made the decision to deploy, or have deployed, SharePoint.
Deployments with moderate complexity and informal processes.
Enterprises and SharePoint deployments of all sizes.
Use this research to get a handle on what needs to be governed and how you can govern it to achieve operational success.
Regardless of version deployed, enterprises are finding out the hard way that SharePoint won’t govern itself. SharePoint’s explosive popularity has often meant
that planning has taken a backseat to deployment, and many enterprises find themselves in a Wild West environment. Without sufficient planning, SharePoint is
often used recklessly if at all. Understand the common issues and develop a governance model to restore order and smooth operational management.
Consult “Select the Right Collaboration Platform “ and “Evaluate SharePoint for ECM” for help with SharePoint evaluation. For SharePoint Development see “Manage a SharePoint Customization & Development Team”.
Introduction
• Develop a strategy around architecture, security, maintenance, storage planning, development, and policies; the sooner the better. Ideally this should be well before deployment, but can still be done years later if necessary.
• Don’t let additional governance needs deter you from using SharePoint 2010; with more requirements comes more included governance functionality.
• Involving business stakeholders has the largest impact on operational success.
• SharePoint should never be deployed without planning or governance considerations.
• SharePoint will become a mission critical application, with or without you. If you’re not prepared, disaster is only a matter of time.
• Governing SharePoint is not just throwing a team together or rehashing old policies. Design and configuration of SharePoint is a key responsibility for modern IT Business Analysts.
Info-Tech Research Group 3
An ungoverned SharePoint threatens more than business requirements -- it can bring your business to a grinding halt.
• SharePoint can be effectively governed by having a few basic processes, policies, and standards in place.
• Training will make or break your SharePoint deployment.• Effective governance goes beyond design and can mitigate the risk of
operational issues.
Un
ders
tan
dS
trate
giz
eM
an
ag
eExecutive Summary
Strategize ManageUnderstand Formalize
• Govern or fail: the choice is yours.
• SharePoint success is a factor of use cases, so govern accordingly.
• Set up SharePoint like a content database, not a fileserver.
• Follow Info-Tech’s SharePoint Governance Model to cover all the bases.
4
Governance activities aren’t optional
SharePoint Governance Strategy Roadmap
I
Dedicate resources to SharePoint governance or your initiative will fail
SharePoint governance isn’t a ‘nice to have’ that only really applies to large enterprises.
Though upfront costs, if any, are limited, and it is easy to deploy from IT’s perspective, SharePoint should never be deployed without governance considerations (use, content, design).
SharePoint is a content database, not a file system, making features and management exponentially more complex; once it’s set up, it is notoriously difficult to alter, so the importance of preparation cannot be understated.
It’s a very nice tool, I really love it, but it must be planned in the beginning because it’s tough to go back and restructure once it’s going. After two years, it was a big mess. No standards. Problems in the backend with disk space, massive document uploads, users adding list fields on the fly.- Senior Business Analyst, Distribution
SharePoint without governance can result in more cost, time, and grief in any number of ways.
•Users can bring down the system without proper access controls
•Confidential documents can be compromised if security measures aren’t in place
•Document management will be nearly impossible without maintenance guidelines
•Poor navigability and maxed out capacity by content sprawl
•Use may cease if the application is too difficult to use and navigate
•Collaboration initiatives fail as business requirements go unmet
“
”
Licensing: $105,000
Five year TCO: $630,000
Govern SharePoint to unlock the benefits of existing costsW
ild
West
Gove
rned
Initial Costs are the same… but a Benefits gap… creates different Outcomes.
Business requirements are achieved effectively with SharePoint.
IT can quickly and effectively manage SharePoint.
Grief level is low for IT and business users.
Negative benefits exist and create new costs:•Poor user acceptance•Overtime work•System outage•Lost productivity
Grief level is high for IT and business users.
SharePoint 2010 (Standard CAL) for 1,000 users, 3 server farms, 2 WFE servers and SQL
Staffing: $105,000 annually
1 SharePoint Administrator and 0.5 Business Analyst
Licensing: $105,000
Five year TCO: $630,000
SharePoint 2010 (Standard CAL) for 1,000 users, 3 server farms, 2 WFE servers and SQL
Staffing: $105,000 annually
1 SharePoint Administrator and 0.5 Business Analyst
Costs accumulate every year while SharePoint becomes more and more broken.
The longer SharePoint remains ungoverned the more difficult, time-consuming, and expensive it is to bail out.Initial time and grief investment in governance activities pays dividends.
While benefits are difficult to quantify, they will exist and negative benefits will be avoided.
Case Study: Without Governance, SharePoint failure is inevitable
• Lots of inexperienced users were given full permission rights.
• A project manager reset access at the root level, locking everybody out.
• Restore to a workable solution took IT 48 hours where “nobody went to sleep.”
• IT independently locked it down using permissions.
• Instability created a new wave of user antagonism.
Healthcare firm’s SharePoint deployment implodes without governance.
• Started on Windows SharePoint Services
• Two instances:• Internal site for
document library, project management, compliance and collaboration
• External site for collaboration with partners and BI
• 175 of 200 employees access SP daily, 25% of have SharePoint open at all times.
• Employees saw the value, adopted en masse, and it became mission critical.
• Quickly became dependent but there were no rules and the basic version was short on resources.
• Middle management tried to create a governance document, but didn’t get traction.
• Created the document, but without ownership it was abandoned.
You can plan for change or it will change for you and you won’t have any control. To use SharePoint
effectively it’s pretty much required that you have a governance group and meet regularly. - Director of IT, Healthcare
“”
The Situation goes… from bad… to worse.
Complexity
Use Case
Scale
Everyone needs governance, but some factors create additional risk
• More than 250 users use SharePoint.• More than 2 instances of SharePoint are
deployed.
Info-Tech Research Group 8
• SharePoint is being used across multiple geographic offices or across countries.
• The Enterprise is subject to regulatory requirements.
• User permissions need to be set up below the department level.
• SharePoint will be used for more than 3 unique use cases (e.g. intranet, collaboration, ECM).
• SharePoint will be used for ECM, records management or as an extranet portal.
Scale, complexity, and use cases all complicate SharePoint initiatives and
significantly increase the risk of disaster if left ungoverned.
Actualize SharePoint governance to mitigate risk & realize benefits wholesale
Info-Tech Research Group 9
1.Co-developing a Governance Plan with the Business
2.Creating an Information Architecture Model3.Setting up Permissions for different User
Profiles4.Creating Policies around Content Retirement
Governing SharePoint means:
Enterprises who invested high effort in SharePoint governance activities were 81% more successful than those who invested low effort.
Met business requirements
Met user adoption goals
Manageable for IT
Users follow policies
Search effectiveness
IT responsiveness
Compliance issues are manageable
Enterprises with the highest governance effort ran laps around those with the lowest governance effort: 7.7x
5.9x
1.7x
6.2x
5.4x
1.5x
2.1x
Source: Info-Tech Research Group
Treat SharePoint as a Content Database not a File System.
Complexity makes solution design mission critical
• Unlike hierarchical File Systems, SharePoint can sort, list, and group based on advanced formulas.
• This means that folders-within-folders structures aren’t ideal, since folders don’t allow for multiple memberships, e.g. sort by author and project.
• To optimize SharePoint, use custom views to organize content, and use folders to sort based on audience and access control only.
• These advanced organization options make proper metadata increasingly important.
• Trying to use SharePoint like a file system will result in process inefficiencies, poor navigability, and broken folder-within-folder due to URL length limitations.
• The inherent complexity of properly designing a content database like SharePoint necessitates a co-operative solution design between IT and the business.
• IT must distill the site creation process down to individual steps, and ensure that each step is tied to a particular business question or requirement.
• Ideally one or more Business Analysts should be involved in this process.
• Once use cases have been defined, relevant canned templates can be presented to business decision-makers so they can decide which best suits their requirements.
Follow Content Database Best PracticesDon’t treat SharePoint like a File System
Content Database (SharePoint)Hierarchical File System
Use Info-Tech’s SharePoint Governance Strategy Model to cover all your bases
Info-Tech Research Group 11
12345
Architecture is the structure of information and is the backbone of SharePoint’s content system.
Access & Ownership matches user access control and permissions to the information architecture as well as determines who is responsible for each sub-site.
Maintenance covers both content lifecycle management and backup/restore process.
Storage Planning encompasses capacity planning, storage quotas, and scalability.
Development and customizations requires a strategy and is often ill-advised.
Policies & Standards refer to the written rules and guidelines governing SharePoint operation.Develop a strategy around each element as soon as possible. Ideally this
should be well before deployment, but can still be done years later if necessary.
Info-Tech Insight
Formal governance structure or not, all of these elements must be considered when deploying SharePoint, as soon as possible.
Follow Info-Tech’s Governance Strategy Model Understand the elements
SharePoint governance is not one-size-fits-all. Pick a model, whether it’s a Chevy or a Cadillac
GlobalBasicNothing AdvancedNo governance strategy is in place. The ‘wild west’ of SharePoint.
Minimum requirements in place to prevent SharePoint disasters.
Formal governance plan and documentation dictate operations.
Extensive governance over all dimensions of operations.
Ideal for large enterprises deploying SharePoint worldwide.
Never appropriate and a recipe for disaster.
Appropriate for small scale deployments and simple configurations.
Recommended for larger, more customized deployments.
Sit
uati
on
Audie
nce
Based on your answers to a series of questions about your environment, the tool will recommend an appropriate strategic path for your organization.
Use Info-Tech’s SharePoint Governance Maturity Assessment to determine which strategic path to follow.
ADVANCEDBASIC GLOBAL
SharePoint Governance Maturity
Strategize ManageUnderstand Formalize
• Prepare a governance team before focusing on strategy.
• Design the solution then develop policies and standards.
• Understand the most painful scenarios so you can avoid them.
• Keep a pulse on social tools in SharePoint 2010.
Follow Info-Tech’s SharePoint Governance Strategy Model
SharePoint Governance Strategy Roadmap
II
Develop an appropriate SharePoint governance strategy for your enterprise by following Info-Tech’s model
Info-Tech’s Governance Strategy Model will guide you through the strategic decision making process.
Info-Tech Research Group 14
12345
When reading the Strategy section follow Info-Tech’s Governance
ADVANCEDBASIC
Model Roadmap to keep track of where you are in the process.
Follow the orsigns in each section based on the results of your Governance Model Assessment.
Begin your governance strategy by building your governance team and planning for business consultation along the way.
Stay on the right trail…
Build the governance team to make policy & design decisions
Info-Tech Research Group 15
The SharePoint governance team should be comprised of members from across the enterprise.
IT members should be those who handle system use policies and application maintenance.
Representatives from HR, Communications, Marketing, and business silos should also round out the team to ensure design and use accord with enterprise standards.
A team of five to seven members is ideal.
The team should have a standing quarterly meeting, though new capital expenditures and content issues may trigger interim meetings.
In a basic setup, most support functions will come from IT.
ADVANCEDBASIC
The team-building process won’t vary with maturity, though including the right people becomes increasingly difficult and critical.
Expect resistance to participation out of fear that this is a highly technical issue.
While learning some technical details will be necessary, this is a business issue.
Communicate clearly that this is a policy-building activity as important as any other mission critical application or infrastructure setup and that departments sending resident techies isn’t acceptable.
Seek people with knowledge of what [SharePoint] can do for the organization and insight into how to set up the management structure for it.- IT Director, Healthcare
“”
See Slide 31 for Info-Tech’s Governance Plan Template
Consult business units at every level of the decision-making process to improve operational success
Info-Tech Research Group 16
In addition to decision-making involvement, business users can ultimately become responsible for many maintenance activities, lessening the burden for IT.
Enterprises with high business involvement reported 65% higher operational success than those with low business involvement.
Enterprises that involved the business, experienced higher operational successes
Involving business stakeholders has the largest impact on operational success
SharePoint use case drives governance requirements.
Prepare accordingly to mitigate this risk
Intranet Portal
Extranet Portal
Collaboration
Content Management
Business Intelligence
Search
Forms & Process Automation
Use Case Risk Outlook Guidance
79%
35%
77%
35%
33%
59%
9%
LOW
LOW
LOW
LOW
HIGH
HIGH
HIGH
Incorporate extranet design and integration into your strategy early. See Slide 21.Tackle separately from SharePoint governance. Hire consultants. See Slide 19.A different beast. See Decide Whether Microsoft BI Fits the Bill for guidance.
A standard Governance Plan will suffice. Address structure and security foremost. A standard Governance Plan will suffice. See Slide 28 if deploying Social Tools.
Information Architecture is your paramount concern. Plan it properly.
Design more automation up front to maximize end-user ease-of-use.
Adoption
N = 47 Source: Info-Tech Research Group
Design an appropriate information architecture; it’s your most important task and cannot be
overlooked
There is no such thing as a basic architecture strategy; its setup is so critical and irreversible that it must be planned for in great deal as early as possible.
Start by estimating resources required and allocate responsibility to do it or it won’t get done.
Use business requirements and user groups as inputs when designing the architecture, and expect to be making access control decisions simultaneously.Architecture setup means answering these questions?• How will metadata be used?• How will content be organized?• Content availability• Content creation templates
Ensure proper design
•Create a sitemap that outlines the overall structure.
•Define characteristics and owners for each section of the pyramid, starting at the top and working down.
•Determine how users will navigate through the site.
•Plan how search will be configured.
BASIC See Slide 33 for Info-Tech’s Information Architecture Template
Use consultants & architecture management features to setup more advanced information
architectures
Advanced information architecture planning is difficult. Hire a consultant.
Scale & complexity make design exponentially harder as governance, architecture, and taxonomy bleed together.
Acquaint yourself with SharePoint’s Architecture Management Features:• Content types and requirements for each• Site content and structure• Information Rights Management for
documents• Blocked file-types• Web Content Management• Managed metadata/taxonomy
ADVANCED
If you deploy without the right structure, taking it back is almost impossible.- IT Consultant, Professional Services
“”
Planning overall site design is crucial in ensuring ease of use and end-user acceptance.
SharePoint 2010 offers advanced meta-data management.
Every SharePoint user’s permissions must be considered and set up.
Overcome system stability and compliance risks with a comprehensive security strategy
Security strategy answers the question ‘who can see which content?’
Security strategy development must be done jointly by IT and department contacts.
Determine who has access to each sub-site, and whether departments can see each other’s documents.
Determine who has the authority to grant and change user permissions, and how to address conflict between system administrators and business users.
[Security] takes a long time, maybe 30% of total effort. I was brought in for the whole thing and security ended up surprising us.- IT Consultant, Professional Services
ADVANCED
Dedicate resources in line with user volume, and consider consultants when internal resources are insufficient.
Info-Tech recommends enterprise-wide planning meetings and consultant use for enterprises using SharePoint for records management or in a compliance environment.
“
”
• List roles within the organization.• Use department contacts to determine what each role will
need to access to perform their job.• Have IT set up these permissions in SharePoint based on
Active Directory group memberships.• Establish process for addressing overlaps and controlling
updates.
BASIC See Slide 34 for Info-Tech’s User Access Management List
Enterprises using extranets were more than twice as likely to require custom
development.
Using SharePoint as an Extranet requires additional design and security considerations
Collaboration with external partners is often extremely beneficial, but confidentiality management beyond the firewall is tough.
•Login-based portal access is ideal for access control so only the right external users can see the content.
•With sensitive data, additional business planning around compliance is recommended.
Operating an intranet and extranet instance of SharePoint requires additional considerations:
53% 23%
N = 47; Source: Info-Tech Research Group
Customized, Deployed Extranet
Customized, Didn’t Deploy Extranet
•How will you connect the two platforms/portals together, and how will you connect it with partner platforms outside the enterprise?
•Anticipate document management issues, e.g. how will you deal with multiple copies of the same document inside and outside the organization
•Determine whether the intranet will be used for the extranet and whether its design will mirror the enterprise’s other public-facing content.
Develop a maintenance strategy or risk eroding the
rewards of your architecture & security tribulations
Info-Tech Research Group 22
SharePoint provides the following tools for maintenance and governance:
• Site templates to promote consistency• Quotas to limit size and regulate content• Locks for content regulation• Workflows to enable Business Process Management• Self-service site creation to limit IT’s role• Web app permissions/policies for central configuration• SharePoint Designer• Sandboxing for developing solutions in restricted environments• Auto-deletion to organize content
IT will need to be able to handle technical issues on a monthly basis.
While dedicated SharePoint administrators are likely overkill, maintenance duties can be allocated to existing system administrators.
Appoint a single point of contact for support and knowledge transfer to assist with large data volumes.
ADVANCED
As long as standards are communicated, maintenance tasks can be handed off to business users and IT involvement is only necessary for the most technical issues (e.g. restoring from backup).
BASIC
Advanced SharePoint physical infrastructure planning is a process unto itself. Consult TechNet’s “Plan for server farms and environments” for additional guidance.
Complete capacity planning based on front-end & maintenance designs
Info-Tech Research Group 23
Is scalability desired?•If yes, estimate future demand and use storage and hardware to support it.
Will there be quotas?•If not, predict growth of each site carefully.
Will there be upload size restrictions?•Use restrictions to prevent unnecessarily large documents from occupying space.
Will rich media be uploaded?•Rich media (e.g. videos) requires substantially more storage, so only enable them when necessary.
How long will documents be kept?•Shorter refresh cycles free up space by clearing old content.
Will auto-deletion be used?•Use auto-delete to minimize orphaned junk and keep storage needs down.
ADVANCEDBASIC
When clustered environments and scalability needs are paramount, deploying multiple systems or farms may be required.
Deploying SharePoint on virtual infrastructure should be considered when scalability issues exist around existing servers or when automated server deployment is desired.
SharePoint 2010 is recommended for these scenarios as it offers more advanced and flexible configuration options.
Let these questions guide back-end requirements:
Customization is resource-intensive & often unending. Prioritize ruthlessly to determine where
it’s necessary
Deploying a new application in SharePoint is non-trivial. It takes six hours of someone babysitting.- IT Director, Education
Turning customizations on is easy, developing new functionalities is hard.- IT Director, Education
ADVANCED
Don’t undertake any customized development unless it is absolutely necessary for fulfilling business requirements.
Without highly capable in-house developers, SharePoint customization is a lost cause.
Leverage pre-customized web parts for more advanced functionality rather than developing in-house.
While SharePoint 2010 does offer a sandbox environment, Info-Tech clients have reported that it hasn’t performed as desired.
For a comprehensive guide to development, see Info-Tech’s SharePoint Development Solution
Set.
“
“
“ “If you absolutely must develop, use SharePoint API’s to help relieve some pain.
Use SharePoint API’s so developers can:•Quickly create solutions without re-writing code, methods, or objects that already exist.•Connect to other applications and systems•Create applications that run inside SharePoint or the reverse; integrate SharePoint into solutions using the Client API, Web Services or REST to access SharePoint data.
BASIC
SharePoint records management isan uphill battle
Info-Tech Research Group 25
SharePoint isn’t ideal for records archival, especially at high volumes, given its weak management tools.
While SharePoint can handle records that are native to SharePoint, handling non-native or external records requires custom development and is not recommended.
SharePoint records management issues typically stem from the fact that complying with regulatory requirements is extremely difficult.
Have a compliance expert design an enterprise file plan before any SharePoint records management planning begins.
SharePoint’s is not a DoD 5015.x compliant solution.
• Manage SharePoint content transparently and as business records.
• Manage all SharePoint and external records in the same system, regardless of whether that system is SharePoint
• Implement enterprise-wide records management policies
• Setup pre-defined business rules to manage records rather than having end-users do it manually.
Follow these principles to increase staff productivity and streamline both information management and compliance activities.
Understand Records Management Issues Follow the Best Practices
Use policies & standards to communicate use guidelines, and prevent being undermined by rogues
Info-Tech Research Group 26
• Creating new sub-sites: Determine site ownership, security, database administration, and navigation.
• Page layout: Be consistent, minimize scrolling
• Blogs/wiki: Is personal information acceptable?
• Announcements: Aim for concise
• Security: Plan in design phase, communicate with users to determine appropriate access
• Branding: Use standards, consider co-branding and differences from external branding
• Document libraries: Promote protected formats, native formats are best, and PDF big files
Start by deciding which activities require policies or standards.
Compliance issues, or activities to be followed without deviation will require policies.
Topics to be evaluated should include: content oversight, site design, user experience, site management, and security.
• Posting to existing pages: one copy only, naming formats, refresh/delete cycle
• Posting to the homepage: ownership/oversight, how to deal with department conflicts
• Posting to profiles: What content is appropriate?
• Promote use and personal info, underscore appropriateness
• Social tools: Will they be used? How? Determine expectations.
• Records retention: Define records and required policies
• Content audit: Determine frequency and type
Content policies & standards Design policies & standards
ADVANCEDBASIC
Be prepared: SharePoint 2010 has even more to govern
Info-Tech Research Group 27
Administration
Social Collaboration
Information Management
Integration
System Considerations
What to do
• Keep a pulse on activity without overbearing governance. See Slide 28 for more guidance
• Incorporate new development requirements into the governance plan• Control the sandboxing environment
• Leverage new information management policy features, e.g. enable the auditing policy for document libraries
• If upgrading, schedule the implementation to coincide with planned server upgrades
What’s New*
•Sandbox development environment•PowerShell scripting language•Multitenant hosting and resource-
sharing
• SharePoint 2010 requires 64-bit servers running 64-bit Windows Server 2008 and SQL Server
•Digital asset library for all content•eDiscovery for audits and litigation•Improved metadata management
• Employee profile pages and activity feeds• Social tagging of relevant content• Knowledge-sharing wikis
*See Appendix for additional new features
•SharePoint Workspace offers Office, Visio, and Exchange 2010 integration
•Publish Silverlight applications
•Review content publishing process•Invoke additional web design
controls for rich content
Info-Tech Research Group 28
Let users self-govern social tools toimprove productivity & knowledge-sharing
SharePoint 2010 includes a number of new social tools, which cannot be divorced from its content management features.
The new tools, SharePoint Communities, integrate with existing content management and include:•Employee profile pages•Employee activity feeds•Social tagging•Knowledge-sharing wikis
The value proposition of social tools centers on:•Knowledge sharing enables the transfer of information and expertise, through publishing information and subscribing to activity feeds.•Productivity is enhanced by enabling team members to access enterprise-wide data without management intervention. Tools include activity feeds, instant messaging and web conferencing.
One mistake that a lot of organizations make is creating walled gardens. Team pages, wikis, and content management sites need to be as open and transparent as possible - they shouldn’t reflect organizational and departmental boundaries. Anyone should be able to access shared knowledge.-Steve Brewer, FONA International
“
“
Create an acceptable use policy before deployment and keep a pulse on activity to ensure it isn’t being used inappropriately.
The value of social tools is in peer-to-peer use, so any superfluous architecture will discourage use and undermine the business case.
Unlike other aspects of SharePoint, users should be encouraged to set-up communities and self-govern them.
Strategize ManageUnderstand Formalize
• Write the Governance Plan.
• Case Study: Portrait of a Comprehensive Governance Strategy
• Use Info-Tech’s Governance Templates as a starting point.
• Understand the challenges of governing a global SharePoint initiative.
Create a formal plan to document governance activities
SharePoint Governance Strategy Roadmap
III
Write the governance plan
Info-Tech Research Group 30
• Outline how SharePoint will meet business requirements and create value.• Overview Objectives, Scope, Risks, and
Strategy.Roles & Responsibilities
Delineate:• Executive Sponsor/Champion• Governance Board/Steering Committee• Business Owner: Business design and functionality• Solution Administrator: Technical design and
functionality• Metadata Steering Committee or Individual• Site sponsor: Content manager with a business
focus (collection/review/publication)• Site steward: Technical design and day-to-day site
management
Have members contribute based on expertise:• Who is responsible for technical management?• Which social tools will we use?• Who will create new sites? Who will have access?• Who is responsible for page design?• Who is responsible for Metadata?
• Refer to existing IT policies for appropriate use, confidentiality, and compliance issues.• Create policies and standards as needed
aroundsecurity, site design, content principles, e.g.• Existing IT rules still apply• Consistent user experience• Role-based security• All sites/pages must have an owner• One copy of each document onlyCommunication & Training
•Communicating with the business•Communicating with the governance team•Initial training for all users, including content and delivery mechanism•On-going support, both operational and end-user
1
2
3
4
Vision Statement & Business Case Policies & Procedures
Use Info-Tech’s Governance Plan Template to get a head start on the process
Info-Tech Research Group 31
The SharePoint Governance Plan is the Governance Team’s most important deliverable and serves as the underpinning of your entire SharePoint Governance Strategy.
Leverage Info-Tech’s Governance Plan Template to assist in the development of this plan, specifically as it pertains to your:
•Vision Statement•Roles & Responsibilities•Policies & Procedures•Communication & Training Make sure the governance team stands
behind the plan. If they don’t agree on the plan they won’t actually use it.
Case Study: Govern SharePoint like a boss
Info-Tech Research Group 32
Research firm plans ahead and reaps the benefits.
Situation Action Outcome•500 MOSS 2007 users,
team collaboration and extranet for partners
•Each division has a site (20 in total) and a primary portal area for shared content:• Each has a site collection
and content database• Shared content, calendar
“People were dying to have it but didn’t necessarily know it until they saw it.”
- Manager of IT, Research
•IT created a Governance Plan with some consulting help outlining:• How sites will be used• Security (permissions,
preventing restores)• Architecture (mapping site
collections)• Semi-formal central governance by IT application delivery group• Trained business users so they could govern sub-sites.
•Grassroots user adoption•The plan helps users
understand what SharePoint is and how to use it
•IT staff knew their boundaries and took their time with the deployment
•Attribute success to preparation and planning
“Honestly, we haven’t really had any major [operational] challenges.”
- Manager of IT, Research
Use Info-Tech’s Information Architecture Template to help design your own structural model
Info-Tech Research Group 33
An Information Architecture Template is a critical piece of documentation and a helpful architecture planning tool regardless of whether formal documentation is actually required.
Leverage Info-Tech’s SharePoint Information Architecture Template to design and document your own enterprise’s SharePoint architecture using the following considerations:
•Internal sites•External sites•Public access sites (all staff)•Private/Departmental sites•Central IT Administration
The Template provided is a sample. Use it as a guideline to develop an
information architecture that’s right for you.
Use Info-Tech’s User Access Management List to outline appropriate permissions for SharePoint users
Info-Tech Research Group 34
Keeping track of user permissions is an arduous process, especially for large-scale SharePoint initiatives, and in situations where SharePoint’s default settings don’t match enterprise needs.
Leverage Info-Tech’s SharePoint User Access Management List to establish and keep track of permissions for every user who will have SharePoint access.
Sort user accesses by:•User Type•Access Type•Department•Site•Sub-site
Keep track of all SharePoint user permissions, default and custom, in one
place.
• SharePoint is being deployed globally, with templates for country and department sub-sites.• One static, centralized government team handles design.• Deployment is phased, architecture design alone takes six months.
• Granular security controls requires in-house development of a management tool.• Controlled budget process creates delays.
Global-scale use still requires a tight centralized governance team
• The governance required for a global SharePoint initiative is an evolution of Info-Tech’s advanced model, though the importance of formal policies and standards is increased.
• Like the advanced model, executive involvement is essential.
• While regional, decentralized contributors are helpful for content considerations, a centralized governance team is required to ensure design consistency across all sites.
• Expect to use consultants, as the cost of a botched effort will far exceed consulting fees.
• Phase deployment regionally and monitor closely; deployment in one fell swoop is a guarantee of failure.
Case Study: Global bio-tech company hires consultants, struggles with user access management.
GLOBAL
SharePoint is sold as the next generation of ECM, but it’s not there yet.-Consultant, Professional Services
“
“Situation
Challenges
Info-Tech Research Group 35
Strategize ManageUnderstand Formalize
• Understand and overcome the top challenges of on-going governance.
• Training makes or breaks deployments.
• Audit SharePoint use annually for optimal results.
Governance is a process, not a project. Manage SharePoint for operational success.
SharePoint Governance Strategy Roadmap
IV
Case Study: A Senior Business Analyst gets a second chance at SharePoint Governance. You won’t.
Info-Tech Research Group 37
Hallmark Tubulars reaps the benefits of Fabian Asin’s second SharePoint implementation.
“ ”
The first try… The second chance… The success factors.
• Previously used as document management platform for five departments with 5-15 employees each.• Governance wasn’t considered at all and became an issue when sharing across business units was nearly impossible• No responsibility for adding new users, making groups, granting user permissions
“Nobody was seeing to the overarching structure. It was growing too fast with no czar.”
• Hallmark wants SharePoint for 100 users across 7 business units.• Permissions and structure will be planned first. • Business users will be trained to help define roles to handle permissions
• Records management and extranet portal will be the biggest challenges.• Planning ahead is necessary
but tough to do before deployment.• Need to create policies
around document upload and retirement• Need to anticipate site
traffic for capacity planning• Currently managing
confidentiality with external partners so only the right external people can see the content
“We won’t deploy without understanding the structure and the requirements. What are we going to do, who will have access and how will we control and monitor the platform?”
How can you anticipate all the issues and costs that you may incur and have the platform up and running in a timely and cost-effective manner? That is a big challenge.- Fabian Asin, Senior Business Analyst
End-user adoption is the most important – and most overlooked – component of SharePoint project success
SharePoint teams frequently overlook end-user adoption; they also perceive information organization to be very important, despite its weak contribution to project success. They
typically over-emphasize the importance of planning for post-implementation maintenance and support.
The key to driving end-user adoption is training.
Contribution to Project Success
Training will make or break your SharePoint deployment. Take a formal approach to ensure end-user adoption
39Info-Tech Research Group
Advanced Manual
Minimum Manuals
• A run book; include network configurations, reboot procedures, monthly/daily maintenance, and troubleshooting guidelines.
• Have one copy in IT.
• A step-by-step description of the tasks to be performed by a department; include screen shots, written descriptions, and an index.
• Have one per department, tailored to that department.
Early Adopters• An employee in a department quick to adopt new technologies and
processes. • Usually someone who has recently joined the company and has not
developed habitual methods of doing things.
Info-Tech Research Group 40
Setup training activities over the entire SharePoint lifecycle
Initial Training
Community Development
Renewal Training
Issue JustificationAction
• Acquire end-user, help desk, developer, and administrator training resources. • Develop administrator policy
guides describing enterprise policies and developer policy guides describing enterprise development policies.
Training users on SharePoint’s capabilities and enterprise policies is the most important step in ensuring SharePoint consistency and manageability.
• Create online forums where users can support each other and ask questions. • Create opportunities for face-to-
face informal training e.g. lunch and learns.
Having users discuss the kinds of solutions they've implemented helps them understand the most effective ways to utilize SharePoint.
• Plan for renewal training which shares group best practices with the enterprise.• Perform periodic audits to
discover what features aren’t being utilized and which aren’t being utilized correctly.
Formally defining your intention to review progress from a user adoption standpoint encourages review of the solution and what additional training is required.
Info-Tech Research Group 41
Wrangle operational issues before they rustle your content
Monitoring
Uptime & Downtime
Disaster Recovery
Quotas
Reporting
Issue JustificationAction
Data & DocumentRecovery
Establish monitoring at the server, site, and SharePoint level; define responses for each failure.
Unavailable systems cannot be used by users. A layered approach to monitoring encourages platform issue awareness.
Define scheduled downtime periods and communicate unscheduled downtime reporting and response procedures.
Downtime is needed for patching. Communicating this process will calm users when it does occur.
Plan for single file, multiple site, server, and geo-disaster recovery.
Disasters will happen. Planning for them further reinforces commitment to the platform and that it will remain available.
Codify corporate records management requirements into SharePoint and define site archiving rules e.g. approvals.
SharePoint helps with records management; defining how aligns it with the corporate governance.
Establish storage quotas by site type and a process for requesting a larger quota.
Storage is everyone’s responsibility and establishing guidelines can help provide reasonable disk space use controls.
Define required auditing reports, establish storage usage reports, and develop activity based reporting for admins and users.
Reporting is essential for compliance. Activity reporting helps the enterprise to understand SharePoint’s value.
The Annual Audit should be undertaken by the Governance Team and aligned with regular
meetings.
Review your governance strategy yearly with Info-Tech’s SharePoint Annual Audit Template
Info-Tech Research Group 42
Info-Tech’s SharePoint Annual Audit Template will help you conduct an annual assessment of the existing SharePoint environment.
It will consider a variety of different factors to construct a strategy for the ongoing operation of the SharePoint system.
Use the audit to evaluate and establish:
•Strengths, Opportunities, and Recommendations around each use case.
•Issues and anticipated challenges with SharePoint front-end, support model, back-end functionality, and governance policies.
•Project recommendations and next steps.
Summary
Info-Tech Research Group 43
• There is no scenario in which SharePoint should be deployed without planning or governance considerations.
• SharePoint very quickly becomes a mission critical application, with or without you. If you’re not prepared, disaster is only a matter of time.
• Governing SharePoint is not just throwing a team together or rehashing old policies. It is a procedure and a business analyst job function, not a one-time project.
• The sooner you can develop a strategy around each element, the better.
• Don’t let additional governance needs deter you from using SharePoint 2010; with more requirements comes more included governance functionality.
• Designing an appropriate information architecture is your most important task and cannot be overlooked.
• Every SharePoint user’s permissions must be considered and set up.
• Assign responsibility for SharePoint maintenance or it won’t get done.
To succeed, every SharePoint initiative requires a strategy around architecture, security, maintenance, storage planning, development, and policies.
Appendix
Info-Tech Research Group 44
Recommendations
45Info-Tech Research Group
SharePoint 2010 offers collaboration tools &plenty of shiny features
Use SharePoint 2010 as a collaboration and content solution. In the past, organizations had to look at add-ons, like Jive and Telligent , for advanced collaboration features that could be added onto their existing SharePoint content repository.
SharePoint Server Application Integration
• Sandbox development environment• Site-level workflows for complex business scenarios• Advanced PowerShell scripting capabilities• New logging Object Model for server use analytics
• Dedicated Silverlight Web Parts• New simplified “Business Connectivity
Services”
• Microsoft Office-style Ribbon interface• Restructured master pages for creating new site
content• Mobile device alerts over “Office Mobile Service
Protocol”• New SharePoint Workspace Mobile client for
Windows Mobile devices so Office content can be taken from SharePoint offline
Administration and Security
Integration
Features
• Improved social networking tools• ECM features (digital asset management,
document IDs, metadata navigation, records management, and eDiscovery)
• Enhanced search features (ranking model schema, expanded relevance factors for social data, improved people search)
• PerformancePoint Services• Create self-service no-code solutions with
Composites.
• “Visio Services” enables real-time Visio access.• SharePoint Workspace (Office 2010) extends
offline capabilities• Multiple people can simultaneously author content• Expanded calendar interoperability with Exchange
Tools
Factor in the server costs – hardware and software. SharePoint 2010 requires 64-bit servers running 64-bit Windows Server 2008 and SQL Server. If upgrading, schedule the implementation to coincide with planned server upgrades.
Windows Server 2008 64-bit users should try SharePoint Foundation. Enterprises running Windows Server 2008 64-bit should take advantage of SharePoint Foundation 2010 when it is officially released, since the license will be included with the server software.