MVP Take: Govern, manage and mitigate SharePoint application risks

3 min read
Blog header Image

We sat down with three of our Microsoft MVPs Tobias Zimmergren, Erwin van Hunen, and Waldek Mastykarz to talk SharePoint. What followed was an intriguing conversation which formed the basis for this MVP blog series special. In this weeks installment, Tobias and Waldek talk about governing, managing and mitigating SharePoint application risks.

Blog posts in this series:

Tobias Zimmergren is a 10 year Microsoft MVP and works as product Owner at Rencore. He plans, architects and develops software and distributed cloud systems.

Tobias: “You can mitigate SharePoint application risk in various ways, and a good application governance plan is really important and should consist of the following:

  • An inventory of how and where all applications are being used
  • How applications are being linked
  • An analysis of the contents of every single application
  • A tight grip on general practice

You should plan how you implement applications, train users, power users and citizen developers. I recently had a discussion with someone in the community about citizen development and the summary, after pointing out both advantages and disadvantages, was that citizen development isn’t a bad thing – it’s a very good thing because it can help you increase the return of investment (ROI) from your SharePoint. But a lot of time, you don’t know what’s being modified, what’s being changed, what scripts and third-party libraries are being used. This is where the risk comes in but being aware and mitigating these risks is the key to extending SharePoint safely.

So, your plan for mitigation should be the following:

  • Discover what is in your SharePoint environment
  • Plan for application governance
  • Plan for training

We have talked about our training – 15 years is a very long time. As a consultant, every day is training. It’s very important to understand the risk but also the possibilities you have going forward and extending SharePoint effectively and securely.”

Guiding hands will help you deploy SharePoint solutions to production safely.

Free Risk Assessment

Waldek Mastykarz is a 10 year Microsoft Office Development MVP and Product Owner at Rencore. He reinforces our product development and is also a member of the SharePoint PnP Core Team

Waldek: ” So, to summarize, you would train users to become more aware of the things that they are about to change so they can make a correct judgement on what to change – not just how to make a change.”

Tobias: “Yes. I would never say avoid extending SharePoint or don’t be a citizen developer. Most organizations are benefiting a lot from having people outside of IT who can quickly go in and change a list or add a web part. It needs to be this way because one of the great things about SharePoint is the extendable capabilities. It’s important to understand the consequences of a poorly governed SharePoint environment where users fail to comply with industry standards.”

Free Risk Assessment

Rencore’s Risk Assessment will help you discover application activity in your SharePoint environment and highlight the requirement’s needed for application longevity. Furthermore, it detects real production security issues and builds a risk report based on your data. Learn about quick wins for application security, governance and mitigation when extending SharePoint. Try our Risk Assessment for free today.

Free Risk Assessment


Rencore is a software company providing award-winning solutions essential to the SharePoint and Office 365 space. They empower organizations to extend SharePoint securely through SharePoint applications. To achieve this, they have developed the Rencore Platform based on the four pillars: App Security, App Governance, App Management, and App Modernization. By using the Rencore Platform to help secure, govern, manage and modernize applications, organizations can consistently mitigate and manage any risks before they become a problem, allowing them to run a performant bespoke SharePoint platform to meet their business needs whilst also delivering a significant return on investment.