Toggle search

Close search

close

Governance Best Practices for SharePoint 2013, Office 365, SharePoint Online

Posted by Errin O'Connor on Mar, 24, 2015 07:03

Governance Best Practices for SharePoint 2013, Office 365, SharePoint Online

Governance is sometimes used as a catchall term to refer to nearly any and all functionality and how it should be managed with a SharePoint 2013 and/or Office 365 or SharePoint Online initiative.

The word “governance” is also one that is sometimes frowned upon in some organizations due to previous failed governance projects. If your organization’s management has experienced previous failed efforts or has an overall distaste for the term “governance,” you should consider using an alternative word or term to describe the development of your governance strategy and related policies.

Governance is a key component to ensure long-term success and is unique for every organization. It should define who will manage the environment or overall platform and define the related granular roles and responsibilities within an organization to establish rules for its appropriate usage.

It should also outline how the business and technical users leverage the environment with a careful balance of required restrictions and enterprise compliance policies with well-defined procedures for growth and future change.

The strategies within this post have been developed by the team at EPC Group over the past 15 years to ensure that your organization’s governance plan covers nearly all scenarios you may experience throughout the platform’s life cycle. These strategies are outlined in the following four major pillars:

  • People: Roles and responsibilities
  • Process: How to accomplish common tasks as well as new business and technology requests
  • Technology: Leveraging features and tools to enforce policies
  • Policy: Collection of principles and clear definitions on how the platform is utilized

One of the keys to implementing a successful SharePoint and/or Office 365 governance strategy is to do so in a manner and mind-set that reflects “operational governance.”

One of the best ways I have heard this described was when a client’s CIO once said to me that he felt their organization’s SharePoint and Office 365 governance strategy would be an overall successful if it detailed not only how “the SharePoint ship was built but also how they should drive the SharePoint ship, maintain the SharePoint ship, and even how the SharePoint ship should be winterized.”

Governance and its overall strategy should be controlled by a SharePoint/Office 365 Steering Committee that is responsible for ensuring best practices governance policies, as well as implementing and making available to users the features and functionality that will support the organization’s mission.

Defining Your Organization’s SharePoint Vision and Mission Statement

It is important that a clear message be communicated to your organization regarding the company’s current and future SharePoint and/or Office 365 mission and overall vision that leadership has set for its various functions.

The following is an example of an organization’s SharePoint and/or Office 365 vision and overall mission statement:

“SharePoint provides a centralized environment where day-to-day activities and related documents and policies are organized in an intuitive manner with powerful search capabilities to all our team members.With this technology initiative, the organization has the latest industry-leading tools available for team members to quickly access the information and data required and then instantly collaborate on it. From any Internet-connected computer or device, team members will be able to realize greater efficiency in accessing important business systems, people information, company forms, news, benefits, calendars, and other relevant company information.

This new centralized platform will provide tools for teams to collaborate and share documents, timelines, status reports, and other relevant communications, thus providing additional benefits to our customers and industry partners in a secure and efficient way.”

The Scope of SharePoint 2013/Office 365’s SharePoint Online Governance Strategy

To properly define the scope of your organization’s governance strategy, you should begin by compartmentalizing the different technical, architectural, and functional areas, as shown in the image below, so that you can start to address each at a granular level. Starting at a high level, SharePoint and/or Office 365 governance consists of two major topical areas:

  • Infrastructure Governance
  • Information Management Governance
  • You then break down these two major areas further to create four new main topic areas, which will enable you to begin the analysis and requirements gathering to properly architect and design tailored and organizationally specific SharePoint governance policies:
    • Environment and Security Governance
    • Custom Development Governance
    • Content-Related Governance
    • Administrative and Training Governance

    These four major topic areas contain a large number of granular subtopics such as the following:

    Environment and Security Governance

    • SharePoint and/or Office 365 Disaster Recovery Governance
    • Defining SharePoint and/or Office 365 SLAs for System Architecture and the overall underlying architecture
    • Defining SharePoint and/or Office 365 Maintenance
    • SharePoint and/or Office 365 Security Governance
    • Site Provisioning Governance
    • Lync Server and OneDrive for Business Governance
    • Defining compliance and regulatory governance
    • Continued…

    Custom Development Governance

    • Development of organizational SharePoint Development Standards
    • Creation of Deployment and Code Promotion Standards
    • SharePoint and/or Office 365 Branding Governance
    • Visual Studio 2012/2013 and Team Foundation Server policies and procedures
    • Continued…

    Content-Related Governance

    • Enterprise Content Management–Related Policies
    • Site Storage Policies (quotas, file upload limits, and so on)
    • My Site and Social Computing Policies
    • Power User and Content Updating Guidelines
    • Executive and Legal Content Policies
    • Apps, Libraries, and List Configuration and Customization Policies
    • Continued…

    Administrative and Training Governance

    • SharePoint and/or Office 365 Training Guidelines
    • SharePoint and/or Office 365 Communication Plan Guidelines
    • SharePoint Steering Committee Policies
    • Enterprise SharePoint and/or Office 365 Support Model
    • Executive Dashboard/SharePoint Reporting Guidelines
    • Continued…

    The scope of your organization’s SharePoint and/or Office 365 governance strategy should be tailored to not only provide the information listed previously but also clearly define the following granular areas:

    • Branding and “look and feel”
    • Monitoring and compliance policies and procedures
    • Management of user requests (new sites and custom development requests)

    Key Objectives of the Governance Strategy Guide

    Key objectives are defined outcomes implemented to meet business goals and provide a means to determine the overall effectiveness of the solution.

    Your organization governance strategy is enacted to carry out the following:

    • Create a consistent and standardized environment for collaboration
    • Create a simple and convenient system for qualifying and storing content
    • Provide a system for discovering content through simple navigational tools and effective search
    • Ensure that the environment is managed and supported in a highly available manner

    Guiding Principles for SharePoint and Office 365 Usage

    Guiding principles shape how the overall solution will meet the key objectives defined by the organization. The following principles define the methodologies, rules, and descriptions used to manage the organization’sSharePoint and/or Office 365 solution:

    • Define groups for controlling polices and standards for SharePoint
    • Define how the SharePoint and/or Office 365 application is delivered
    • Define how sites are provisioned
    • Ensure that the appropriate access levels are provided to users to ensure that compliance is strictly enforced
    • Define resolutions for conflicts and required support