Home > Blog

Operationalizing Information Governance in SharePoint 2010

by Jeff Carr (May 11, 2011 - 7:48 GMT)
This article was originally published as part two in a two-part series in KMWorld Magazine (part 1, part 2)

In the first part of this article I defined governance and discussed some of the key elements in designing a governance plan. For many organizations, the plan to migrate to SharePoint 2010 will require at a minimum a refresh if not complete redesign of existing information architectures. The relative newness of the platform means this is an opportune time to define and carefully plan exactly what the information landscape needs to be. Migration in and of itself should not be seen strictly as a means to acquire new capability, but rather as a suitable time to (re)design and implement foundational information management structures out of the gate. 

While creating committees, identifying responsibility and assigning ownership and accountability are crucial, these activities in and of themselves do not guarantee success. Execution is often the most challenging part of governance and while modeling and design is one thing, compliance and enforcement are another. Fortunately, deployment of information management features in SharePoint 2010 offers the ability to operationalize some fundamental aspects of governance processes through the application of automated mechanisms. Approaching design and the information architecture process with an eye toward governance by extending design activities to include ongoing management functions is a significant contributor to establishing a foundation for operationalization. 

Leveraging IA as a Foundation

Features and functionality offered by SharePoint 2010 for implementation of governance inherently require a certain level of familiarity with organizational content. As a result, the first step in operationalization lies in the development of a content model, which in essence becomes the blueprint for the overall content architecture. Conducting (at a minimum) an audit of the existing environment is an important initial activity that assists with identification of not only the types of content that exist, but also unique characteristics inherent to the information itself. 
 
The scope of the content audit is to review and evaluate a representative sampling of twenty-five to thirty percent of documents with the result typically captured in spreadsheet format, usually containing columns for the following information:
  • Document Type - Identifies the general type of content represented by the document. Generally speaking, this document is a <blank>, where <blank> is a Policy, Procedure, FAQ, Job Aid, Bulletin or Notice etc.
  • Volume of Content - Estimation of the total amount of content for this document type. Intended to provide a general scale of overall scope.
  • Special Characteristics - Notation of qualities that stand out, such as format (does it make use of a standard template or use consistent naming conventions), metadata attributes (how is it tagged - status, owner, topics, language, sub-types, audience, reference data et al.), are there multiple versions and is it still relevant (when was it created or last modified). 
  • Relative Value - Identifies the importance of the information to the organization overall. Not all content is created equal and those types identified as having higher value will require special methods for handling areas such as enrichment and lifecycle. 
  • Source - Location in the source repository where the document is stored. 
  • Samples - Listing of sample titles of documents typically representing the type of document.  
The last two columns are used as reference material when reviewing content with subject matter experts later in the IA process. As a side note, preparing for a migration should also include the creation of a content inventory for existing repositories intended to be included as part of the scope of the redesign or migration project. A full inventory delves into substantially greater detail with respect to documenting properties, mapping from the old to the new structure and reviewing, revising, deleting or archiving old or outdated content. Standard templates for conducting an inventory can be found on the IAI site

Designing Content Types

The question is what does the content analysis have to do with governance? This phase of the information architecture process helps identify important information types which can then be managed within SharePoint through the application of Content Types. A Content Type in SharePoint is defined as a reusable collection of settings that describe behavior, management and properties for a specific type of information including metadata attributes, information management policies, workflow and standard templates: [1]
 
While many Content Types are provided out of the box, they are generic in nature and in no way representative of the uniqueness of organizational information. The purpose of the audit process is to help identify an initial set of document types required to be considered for implementation as Content Types. Approaching the management of content using Content Type definitions often begins with the design of a foundational type with a core set of standard metadata attributes required to be applied to all content items. The core Content Type becomes the parent for all other Content Types that then inherit the basic properties defined. Additional traits for children and grandchildren etc. are added to describe the unique characteristics of each additional Content Type that is required. Once an initial set of Content Types is identified, further design detail around each is required, including:
  • Metadata Schema - Identifies unique attributes used to describe the inherent nature of the type of content as well as requirements for enrichment intended to improve findability through access mechanism like search and navigation. 
  • Taxonomy & Term Store Management - Identifies facets and controlled vocabularies for consistent application of terminology across the SharePoint solution, regardless of location in the hierarchy.   
  • Information Lifecycle Design - Consists of modeling processes around creation, capture, management, retention, archival and/or disposition. Includes defining information management policies and standard processes for periodic review to ensure accuracy, quality and relevancy of content. Design activities are closely aligned with the development of workflow, retention and compliance mechanisms. 
Creation however can get out of hand and therefore instantiation of new Content Types cannot be allowed to be an ad-hoc activity. Governance processes around management of Content Types need to be established and must include policies and procedures for creation, modification and deletion. 
 
Additional considerations for design include scope of use. Some Content Types may be required across departments, geographic regions or lines of business while others may be localized within a specific business unit. Those identified as global require centralized management within a specialized site collection known as a Content Type Hub. They can then be made available for use in subscribing site collections through syndication.

Metadata Schemas

As mentioned, a common approach to designing a global metadata schema begins with identification of a core set of attributes required to be applied to all content items in the SharePoint environment. These attributes are attached to a core Content Type as columns and inherited by each individual Content Type as a base set. Unique metadata requirements are then layered on top of the core to support both management and enrichment by describing the inherent nature of the type of content. A formal process for defining what the additional attributes are begins with the audit and ends with a schema representative of each Content Type. Management of metadata attributes for any particular Content Type must then be subject to formal governance procedures around creation, modification and/or deletion. 

Taxonomy, Controlled Vocabulary & Term Store Management

Taxonomy within the SharePoint environment is typically applied to content through the application of controlled vocabulary. In SharePoint 2010 this is surfaced via Managed Metadata, which represents a hierarchical collection of predefined and centrally managed terms that are applied by publishers as metadata attributes to content items. Terminology surfaced as part of the publishing process originates from within the Term Store, which provides centralized storage and management for standard vocabularies through the following constructs:
  • Groups - A flat list or hierarchical collection of related attributes comprised of one or more Term Sets. 
  • Term Set - A flat list or hierarchical collection of related Terms that belong to a Group.
  • Term - A word or phrase that can be applied by publishers and system users as metadata to content. 
These constructs must themselves be designed to be flexible enough to evolve with the business over time. The evolution however must be both predictable and controllable. Not anyone can be allowed to make changes on a whim to the Term Store structure since all Managed Metadata fields throughout the solution use it as the source for controlled vocabulary. Term Store administration must be considered within the realm of information governance and include change control that addresses formal review processes important for quality assurance and consistency, standard practices for adaptability to changes in the business environment and an evaluation of costs and benefits of proposed modifications including the impact on the existing environment in terms of retagging of content and retraining for publishers and consumers. The following table provides an overview of standard roles along with tasks that each is able to perform. 

ROLE

TASKS THIS ROLE CAN PERFORM

Farm Administrator
  • Create a new term store.
  • Connect to an existing term store.
  • Add or remove Term Store Administrators.

Term Store Administrator
  • Create or delete term set groups.
  • Add or remove Group Managers or Contributors.
  • Modify the working languages for the term store.
  • Import term sets.
  • Create, rename, copy, reuse, move, and delete term sets.
  • Modify a term set’s description, owner, contact, stakeholders, submission policy, and whether the term set is available for tagging.
  • Create, rename, copy, reuse, merge, deprecate, move, and delete terms.
  • Modify a term’s description, labels, default label, and whether the term is available for tagging.

Group Manager
  • Add or remove Contributors.
  • Import term sets.
  • Create, rename, copy, reuse, move, and delete term sets.
  • Modify a term set’s description, owner, contact, stakeholders, submission policy, and whether the term set is available for tagging.
  • Create, rename, copy, reuse, merge, deprecate, move, and delete terms.
  • Modify a term’s description, labels, default label, and whether the term is available for tagging.

Contributor
  • Create, rename, copy, reuse, move, and delete term sets.
  • Modify a term set’s description, owner, contact, stakeholders, submission policy, and whether the term set is available for tagging.
  • Create, rename, copy, reuse, merge, deprecate, move, and delete terms.
  • Modify a term’s description, labels, default label, and whether the term is available for tagging.

Source: http://office.microsoft.com/en-au/sharepoint-server-help/manage-permissions-and-roles-for-term-sets-HA101631579.aspx

The governance structure must take these into consideration when defining ownership, responsibility, security and permissioning that addresses Group, Term Set and Term management within the Term Store for actions such as: 

  • Creation or insertion of new terms (e.g. New Product or Product Line) 
  • Renaming existing terms (e.g. change to a Product Name) 
  • Splitting terms (e.g. a category becomes too voluminous and needs to be split into multiple sub-categories)
  • Merging terms (e.g. Too few items across sub-categories)
  • Adding a new facets (e.g. New Activity or Business Process) 
  • Deleting an existing facet or category (e.g. Product Discontinuation, Selling of a Line of Business) 
  • Deleting a term (e.g. An Activity, Business Process or Line of Business cease)
  • Moving a category or merging terms (e.g. Changes in Business or Organizational Structure)
  • Term re-use (polyhierarchy)

Automating Information Lifecycles Using Policy, Workflow & Compliance

A lack of information lifecycle design is an important contributor to the accumulation of ROT, or content that has become redundant, outdated or trivial. SharePoint implementations that begin and end with a technology-centric approach to design and implementation often end up evolving into generic dumping grounds for content and ultimately end up becoming significantly more difficult to both manage and use. The resulting information abundance causes substantial decreases in findability that eventually leads to degradations in the user experience particularly in the area of search as users are forced to sift through pages upon pages of irrelevant results. 
 
SharePoint provides capability to implement Information Management Policies with out of the box policy features that include: 
  • Retention - Ability to ensure that content is not retained for unnecessary periods of time.
  • Auditing - Provides the ability to audit user behaviour against defined policies and procedures by tracking operations performed on content, such as viewing, opening or downloading.
  • Labeling - Capability to attach labels to physical copies of documents so they can be correctly identified.
  • Restrictions on Print - Ensures that the printing of sensitive content items is restricted.  
Retention schedules can be associated with content to enable automation of processes that ensure relevance and timeliness of information by addressing review, archival and/or disposition on a regularly scheduled basis. Attaching retention actions and workflow to specific Content Types allow for increased control over the behavior of that content. Retention Stages defined within the settings for a Content Type include: [2]
  • Event Definition - Identify what needs to take place in order for the Retention Stage to initiate. Typically based on values captured within date fields that represent the passing of a specified amount of time since a previous event took place on the document, such as creation or modification.

    SharePoint Retention Event Definition

     
  • Action - Identify the action required to occur once the event has been triggered. Actions are frequently associated with workflow and typically include archival, standard review or permanent deletion.

    SharePoint Retention Action

     
  • Recurrence - Identify the time period for which the Retention Stage is required to be repeated. Often associated with the passing of a specified period of time since successful completion of the previous Retention Stage.

    SharePoint Retention & Recurrence

Workflow is an important requirement for ongoing management of content in the SharePoint environment and is required for managing phases that fall within a Content Type’s lifecycle (creation, capture, modification, disposition and/or archival). SharePoint offers simple predefined workflows out of the box that include: [3]

  • Collect Feedback - Sends a document for review.
  • Approval - Sends a document for approval, often as a prerequisite to publishing it.
  • Disposition - Manages document expiration and disposition.
  • Collect Signatures - Routes a document for signatures.
As with Content Types, the workflows provided often do not meet the needs required to automate management of the content. There may be more general workflows that can be created that can be used across Content Types and custom ones that might apply to a single Content Type. The example below illustrates a two stage approval process for content intended to be promoted to a more secure area of the solution.  
 
SharePoint Two-Stage Approval Workflow

Summary & Conclusion

The success of SharePoint in any environment will be measured by end-users ability to easily find the information required at the time of need. Information architecture and governance establish the foundation for findability by providing a methodology for modeling both content and user needs and creating a set of standards and processes that are consistently applied to organizational information. Consequences of their absence include:
  • Insufficient resources to keep content up to date or to correctly tag and organize information in support of business objectives;
  • Lack of ownership and accountability leading to content that gets lost, stale or disorganized;
  • Decreased findability through search and navigational access mechanisms resulting in poor good will, low productivity and frustration among end-users;
  • Expected efficiencies and cost saving are not achieved; and 
  • A lack of future opportunities if foundational capabilities are not developed over time.
When designing for information governance organizational culture and maturity must be a key consideration. It cannot be something that is imposed upon or establishes obstacles or barriers to productivity. Overall structure must be created in collaboration with stakeholders and subject matter experts. Communication and socialization is required to ensure understanding about how controls put in place are intended to reduce or eliminate content management and findability problems. 
 
Governance is not a one-time thing but rather an ongoing process that has operational components integrated directly within the SharePoint environment. It needs to be thought of as an extension to the information architecture process and viewed as the establishment of a solid foundation required for information management success. Requirements for setting up and operationalizing governance include:
  • Cross representation lead by strong Executive Sponsorship.
  • Clear definition of roles and responsibilities including identification of working groups responsible for tactical implementation that include subject matter experts. 
  • An effective governance plan that is created with the business and intended to support the pursuit of strategic goals, not to constrain operations and productivity.
  • Periodic review and revision including responsibility for keeping documentation up-to-date.
  • Ensuring that policies, standards and procedures are appropriately socialized and users are familiar with guiding principles.
  • Definition of overall ownership and management of information.
  • Consideration that it is a “living” entity that must evolve with the changing needs of the business.
Governance and consistency in information architecture enable transfer, sharing, integration and creation of knowledge in the organization.