Top 8 Things to Look for in an Office 365 Governance Solution

Post Date: 05/29/2019
feature image

Learn how to effectively govern your data with our free webinar on-demand “7 Crucial Office 365 Strategies To Contain Sprawl And Keep Data Safe.” 

There are a bunch of tools out there that manage Office 365; heck, some even have good features and interfaces.

However, while it’s easy for vendors to use buzzwords like “security,” “automation,” “lifecycle management” and “governance,” there are certain things they just can’t fake.

Here are the eight things to look for to help you separate the pretenders who’ll manage a few disparate operational processes in Office 365 from the industry leaders who can help you enforce your governance policies across the platform.

1. The Granularity of Requests and Approvals

The Buzzword: “Approval Process”

When a tool says that there’s an approval for a process, there’s seldom more information about how dynamic that approval can be.

Questions to Ask

  • Can it be a multi-stage approval so that IT doesn’t have to handle all the business operation requests?
  • Can more than one user be enabled within the same approval workflow?
  • Can the solution determine access based on combined user properties?
  • Can you simply and easily determine who can do what down to every user?
  • Can users provide feedback or make changes as part of the approval?

Why You Should Care

These impact your plan for how a tool will be implemented to solve business cases in your organization.

2. Service and Actions Controlled In Office 365

Buzzwords: “Controlled Creation,” “Controlled Provisioning”

Governance is more than just controlling the creation of objects.

Questions to Ask

  • When a new workspace is provisioned, are there tools offered to ensure that settings and security are not altered over time?
  • If there’s a Microsoft Team, for instance, how does the solution handle the SharePoint site permissions for the files stored in the Team?
  • Can additional actions like moving content or creating users be enabled or controlled through the solution?
  • How does the solution enable or simplify oversight and reporting on requests and activity?
  • Are you able to create your own services via the solution?

Why You Should Care

If you’re investing in a governance tool, it’s important that the tool be able to enable changes while still enforcing Office 365 business requirements and needs for your users. If you’re only setting options at provisioning and then locking down changes for your environment, you may still wind up with unhappy end users and an overburdened IT department.

Shopping for an O365 governance solution? This post might help: Click To Tweet

3. Ease of Access to Services

Buzzwords: “Simple Interface,” “Streamlined”

End users want everything to be as quick and simple as possible.

Questions to Ask

  • For the different kinds of services that can be enabled, can the tool customize the user experience via combined properties?
  • Can you steer users towards the right action without making them learn a new process?
  • Can the solution communicate actions and policies clearly and easily to your users?
  • Is it simple and easy to enable multiple services for users across the organization?
  • Can stakeholders and business users access trimmed reports on activity, workspaces, and security?
  • Can your stakeholders easily see and approve task requests?

Why You Should Care

It’s important for users to have a streamlined experience, but it’s also important for you to be able to control which users can and can’t request or automate certain actions. Any solution that your users directly interact with must be able to simplify and ease their day-to-day interaction when it comes to getting the services they need from the organization.

4. Trimming for Tasks and Reporting

Buzzwords: “Full Insight Into Your Environment” “Security Analytics” “Reporting”

If a solution is claiming that it controls security and is governing your Office 365 environment, it should provide insights into how this is actually happening

Questions to Ask

  • Are there security, access, activity, and task management reports available to monitor all the activity that’s taking place in Office 365?
  • Can you trim and customize reports so that only certain users see certain data?
  • Is the governance solution able to surface information to stakeholders and business users to help them keep track of management tasks through the solution and surface workspaces that may be relevant to them?
  • Can oversight of security and security changes be enabled right within the reports themselves?

Why You Should Care

If your solution is only showing one set of report data and your end users don’t have easy ways to see what they need to approve or what they may already be able to access, you’ll be severely limited on how you can implement the tool in ways that can actually increase productivity and reduce operational burden.

5. Automation of Processes

Buzzwords: “Automated Workflows,” “Reduce Burden on IT,” “Automated Governance”

When it comes to solutions that govern and manage Office 365, it’s very important that the solution has enough capability to actually increase the efficiency and productivity of the teams that have to use it.

Questions to Ask

  • Does the tool create additional workloads via processes that have to be monitored or cleaned up on the back end?
  • Does it actually improve communication and streamline interaction between IT and the business, or does it just funnel end users to one interface?
  • Does the solution keep the environment structured and remove stale or expired content over time, or does it rely on native processes and only applies settings at the provisioning stage of a workspace?
  • Using the tool, what will your workspaces look like in six months? Two years?
  • Can users keep what they need, or are they forced to archive or delete content?
  • Can you control how long they can extend the life of content?

Why You Should Care

Any solution trusted to manage content and security should be able to streamline interactions between IT, stakeholders, security teams, and business users. It’s important that feedback can be given, changes can be made, and reports and information can be trimmed and easily accessed.

All of this should be done for requests not just from the beginning of the creation of a workspace, but for every action and security change that takes place across the entire Office 365 platform. A really great question to ask is “Using the tool, what will my platform’s workspaces look like in six months? Two years?”

6. Ongoing Enforcement and Security

Buzzwords: “Lifecycle”

Many of the “Do It Yourself” tools created by IT teams and some solutions can apply security, lifecycle, and content settings at the time that workspaces are created, but making sure that those stay updated over time requires constant monitoring and reporting.

Questions to Ask

  • Can the solution automatically make sure that security requirements are not violated?
  • Can it enforce content settings like versioning across Microsoft Teams and SharePoint?

Why You Should Care

This can be very important for keeping the user experience consistent across workspaces, and for enforcing security across Office 365. It’s doubly important to understand that without automatic enforcement, your teams will still have to perform traditional security auditing and maintenance tasks to ensure that content and security settings are in line with business requirements.

office 365

7. SaaS Platform Reliability

Buzzwords: “The Cloud” “SaaS Application”

As you look at governance and Software-as-a-Service (SaaS) solutions, the cloud application supporting the solution itself must come into consideration.

Questions to Ask

  • How mature is the SaaS software?
  • Are there regular updates for the solution?
  • Is there documentation on the security processes, and does the application have any certifications?
  • Is the solution available via multiple cloud data centers and is it hosted in a trusted cloud?
  • Does the platform rest in Azure along with Office 365?

Why You Should Care

It’s one thing to build a software application, but building out and maintaining a SaaS application that’s secure and reliable requires constant updates, maintenance, and a team that is capable of adding improvements and adapting to change with little notice. Choosing a vendor that has a proven record is extremely important.

8. Supporting Services

Buzzwords: “Customer Support”

Many organizations make large investments in software that then becomes “shelfware” for lack of training or understanding how to best implement the tools to meet the actual organizational business needs.


  • Does the organization providing your software also provide training services?
  • Can they help you set up the solution in a larger environment?
  • Do they have the experience and expertise to help you create governance plans and develop policies with your stakeholders?
  • Do they have 24/7 customer support?
  • Does the solution come with detailed documentation?
  • Is there helpful video content and information to help you understand best practices?
  • Are you able to call into a live rep 24×7?
  • What level of skill and effort can they provide to help you meet your needs?
  • Are their representatives true technical engineers or frontline service workers?
  • Do they have a customer success team to make sure that you’re satisfied and getting the most out of your products?

Why You Should Care

Even if a solution is very simple to use, it can be difficult to scale its capabilities across an organization to meet business needs. It’s extremely important that additional services and resources be available so you’re not left in the cold when it comes to the actual implementation of the software you’ve purchased.

If you don’t have a trusted partner to help you on your way and make certain that everything is working properly, then you don’t have a solution that can be trusted to manage your Office 365 platform.

Looking for more on Office 365 governance? Be sure to subscribe to our blog!

​Hunter Willis has been in web development, SEO and Social Media marketing for over a decade, and entered the SharePoint space in 2016. Throughout his career he has developed internal collaboration sites, provided technical and strategic advice, and managed solutions for small to large organizations. In addition, Hunter has served as a strategy consultant for many companies and non-profits in the Richmond area.

View all posts by Hunter W.

Subscribe to our blog