I recently wrote an article for SharePoint Pro Magazine based on my experience talking with many large organizations this past year about their top-of-mind Microsoft SharePoint governance concerns and strategies. The article shares common themes and best practices that emerged throughout those discussions. Whether you are looking to improve your SharePoint governance implementation or are beginning to plan your governance initiative, you will want to consider the concepts below for SharePoint governance in 2015:
- Accept that users know their business, not SharePoint or your governance plan
One of your primary goals in a SharePoint governance initiative should be to identify high-risk, unstructured processes and transform them into “managed” services.
- When done properly, increased productivity can be an unexpected benefit of a well-governed SharePoint implementation
It’s natural to think of governance as control. In reality, well-governed systems are the easiest to use.
- One size does not fill all
Administrators often are disconnected from the user content in workspaces and have no way of understanding the varying business importance and potential risk of shared information. As admins, we need to find ways of understanding the types of sites we have, and then securing them with the right amount of governance controls.
- Automation is essential
SharePoint admins cannot manage this effort if they are busy doing repetitive, manual tasks every day. Look to automate as much as possible so that governance controls are enforced the minute an object is provisioned.
- Be prepared to brush up against business process
If you want to create well-governed, business process-driven services for SharePoint, you must understand the business logic behind the control.
- Plan for both proactive and reactive governance controls
Basic Governance, Risk, and Compliance (GRC) concepts state that implementing a control is not enough – you also need to monitor to check if the control is working.
- More reports do not necessarily equal more governance
Do not mistake “reporting” for actual governance controls. What someone does with that report – how often they check it and what they do after that – may be part of your controls, but reports themselves don’t enforce more than the vague specter of accountability at some point in the future.
- Think beyond SharePoint
Understand that SharePoint governance is simply an extension of the overall IT governance strategy, which in turn is fed into the overall corporate governance concepts of the organization. The better you can connect your governance efforts in SharePoint to your organization’s core governance objectives, the more supportable and sustainable they will be.
To read more about my SharePoint governance advice for 2015, please visit SharePoint Pro Magazine.
Learn how we can help you make better business decisions with data you can trust by visiting our website.
With SharePoint in mind… we’ve found that most of our end users struggle with #8… Thinking beyond SharePoint. I try very hard to push that SP can be a tool to supplement existing systems, not to replace.
I agree with #8, governance should not be just about SharePoint, but your entire IT structure
Nicely put, #’s 4 & 8 stand out to me. There are some great plans out there that rely on manual processes, often involving scanning reports for violations, that let themselves down because they fail at the human factor.