As mentioned in part one of this two part blog series: What is Governance – Getting Started, the most difficult part of creating a SharePoint governance strategy is knowing where to begin. While the ideal situation is to have a governance plan in place from the start, that’s a rare occurrence. Most organizations that work with SharePoint, whether online or on-prem, have a long history with the platform (or similar technologies) that saw it grow organically, and sometimes rapidly. Many SharePoint organizations started with the free version (WSS or Foundation), only embracing the enterprise version once users had adopted the platform. In other words, by the time these companies started thinking about governance, the train had already left the station.
No matter how your organization adopted SharePoint, the present is always a good time for some healthy introspection on the state of governance. Many IT organizations have found themselves thrust into governance, having to clean up, organize, and administer systems and solutions that we not deployed with governance and compliance in mind. Most find themselves building out governance retroactively.
These two wise men will help you understand how to set up a secure and compliant SharePoint environment.
Don’t worry — you’re not alone, and there are many tools, blog posts, and experts out there to help you shape your governance practices and strategy. Based on my experiences, the two steps I would consider first in building your strategy and taking back control of governance include:
Confirm executive support
This is essential to any IT project, but especially with SharePoint governance, as you may need to clarify, communicate, and then enforce certain policies, using both the carrot and the stick. You’ll need your executive team to have your back.
Create a cross-functional taskforce or governance committee
This is where your governance model is debated, designed, and approved by stakeholders across your organization. Forming the group early helps you to shape your strategy and policies, and also to identify the right players to be involved going forward.
While these two recommendations are essential steps to taking back control of your SharePoint governance, they are just the beginning of your planning process. Some additional steps to consider include:
Create a governance site
Create a location to document and socialize your plans, so that stakeholders and end users alike can provide input, and help make the resulting plan part of your company culture, ensuring long-term success. I recommend making this separate from any IT sites, and allow access from any and all within the company.
Understand SharePoint usage and activity
Having a baseline of what is happening within your environment today is critical. Start your planning with data, so that you better understand who is using SharePoint, how they are using it, and where there are gaps in your planning.
Map out your records management policies
Different departments may have different rules they need to adhere to, and one set of rules may not apply to everyone.
Identify 3rd party tools and solutions
Part of your assessment is to understand what is on the system, whether legacy tools are necessary with the latest SharePoint updates, and most importantly — understand how they are deployed and used to confirm that current (and future) security and compliance policies are being met.
Create an inventory of all customizations
The health and welfare of your system can be at jeopardy not only from “shadow IT” deployments of unregulated tools and solutions, but can also be impacted by the way in which your end users modify and customize the platform out-of-the-box. A regular assessment is key to healthy change management.
Implement and iterate
Once the plan has been built and signed off by your executive sponsor, stakeholders, and end user influencers, begin to implement – making sure you have a strong change management process in place, so that you can make adjustments to your strategy as you learn.
Over to you!
Establishing a robust governance strategy often includes a lot of planning, but the benefit is that you will be better prepared for the rapid change that will inevitably happen within your industry, and to your business. For organizations preparing for any level of digital transformation, having a solid governance model in place will be essential. They say that the only constants in life are death and taxes, but I’d add one more item: change. Knowing that, it’s best to be prepared for it.
Rencore’s free Risk Assessment is a good place to start your governance planning. it will help you discover what’s happening in your SharePoint environment and highlight the requirement’s needed for application longevity. Furthermore, it detects real production security issues and builds a risk report based on your data. Learn about quick wins for application governance, security and extending SharePoint. Schedule a demo today.