Home > Blog

SharePoint 2010 Enterprise Content Governance

by Jeff Carr (May 11, 2011 - 7:10 GMT)
This article was originally published as part one in a two-part series in KMWorld Magazine (part 1, part 2)

SharePoint is a technology rich in capability with an inherent nature to decentralize document and content management from the information technology function. It’s a platform with much promise that, simply put, places increased levels of power and autonomy into the hands of business users. On the surface, it seems like a valid approach because it’s difficult to find fault in letting those who understand the business best manage the information assets they create. The primary problem with that tactic, however, lies in the fact that many organizations lack both standard content management methods and expertise in the application of best practices across areas such as information architecture (IA), taxonomy, metadata and search. 

The resulting unplanned and unmanaged growth of information—along with inconsistencies in the way divisions, departments or lines of business leverage product functionality, as well as varying velocities of adoption—translate into significant challenges around consistency in organization, navigability and findability. The absence of an overall information strategy lessens the capacity to mitigate the effects of the volume of content, and a lack of formalized enrichment processes eventually reduce discoverability and the effectiveness of enterprise search. The success of SharePoint is dependent on the ability to deliver the right information to the right people at the right time in ways that are quick, efficient and intuitive. The absence of a formalized plan ultimately leaves the platform falling short of user expectation.
 
That decentralization of information management in combination with the explosion of content illustrates that the need for governance is more crucial now than ever before. SharePoint implementations need to be thought of as more than just projects with defined beginning, middle and end dates. Because businesses evolve and requirements change, SharePoint projects are never really complete. Ongoing management and continuous enhancement must be integrated into operational practices, but changes cannot just happen on a whim; maintenance and governance processes must be put in place to systematically review proposed modifications. Governance is what makes it work, and even the best-designed solutions will fail in its absence.

Governance Defined

SharePoint 2010 is no different than any other technology in the fact that it will process inputs provided regardless of whether they make sense (that is the old garbage-in, garbage-out adage). The blueprint for information management success lies not only in establishing robust architectures that begin with modeling content and user needs, but also in persistent administration and improvement. Modeling information must capture the inherent qualities of the content as well as its ability to be found. While findability is a key attribute of information design, it is not a feature or capability of SharePoint, but rather a set of standards and processes that are consistently applied to organizational information. Information architecture establishes the foundation for findability, and governance is the slice that holds it together to make it work.
 
Governance, formally defined by Microsoft for SharePoint 2010, is “the set of policies, roles, responsibilities and processes that guide, direct and control how an organization’s business divisions and IT teams cooperate to achieve business goals.” Three key areas that fall within the governance of a SharePoint 2010 solution are:
 
  • IT Governance – Regulation over hardware, software, security, infrastructure, backup and recovery, as well as the services provided.
  • Application Management – Administration and control of custom solutions built on top or integrated within the SharePoint environment. 
  • Information Management – Design and administration of information lifecycles, content types, metadata, taxonomy, workflow, navigation and site structure et al.
 
While it’s important to mention all three Governance segments for the sake of completeness, the focus here is on Information Management and, more specifically, its design and operationalization within the SharePoint 2010 environment. 

Designing for Governance

Effective Governance aligns directly with business goals and objectives to ensure investment in SharePoint and related tools and processes provide sufficient return. When defined in isolation of business users, Governance often becomes dictatorial, restrictive and ultimately a hindrance rather than a foundation for enablement. It must be designed to work within the culture of the business through collaborative efforts that originate as a byproduct of employing standardized IA processes. Shifting perspectives slightly to extend the traditional view of each IA activity from design and implementation only to also account for ongoing management and future enhancement means Governance design is not separate from but rather integrated with IA practices.

Establishing a Vision

A clear description of the solution developed collaboratively by senior level stakeholders and supported by executive sponsors is a key attribute that ensures strategic alignment and sets the stage for all remaining Governance activities. It often starts with a Vision Statement that describes at a high level a common understanding of the overall purpose of the SharePoint solution and how it is intended to deliver value to the organization by tying future activities directly back to strategic goals. Often, the creation of the Vision Statement is not necessarily the goal but rather an exercise in gaining cross disciplinary buy-in from all parties that have a stake, thus setting everyone off on equal footing. 

Governance Model

There is no one-size fits all model when it comes to designing for Governance since different aspects of a SharePoint solution will require different levels of control. The difficulty lies in the delicate balance between approaches that are too restrictive ultimately obstructing productivity versus those that provide unnecessary freedoms that eventually result in a degradation of the overall user experience. 
 
The steps in the following illustration are often used to identify the typical degree of Governance applied based on the purpose of the site structure implemented within the solution. Centralized publication of information like that on an intranet will see stricter controls applied to information architecture whereas more collaborative instances such as departmental or project related sites often have lower levels of restriction. 
 
Microsoft SharePoint Degree of Governance

Source: http://zoom.it/Zb4B#full

To determine the levels that are appropriate it’s critically important to not only understand site architecture and site collection structure, but also content and its inherent value to the organization. High value content will require stricter control in terms of enrichment through taxonomy and metadata, tighter permissioning, workflow and well-defined retention schedules. This assessment of importance is established early on through IA activities that include the auditing and inventorying of content, which also become the foundation for the identification of content types, metadata schemas and term store design.

Microsoft SharePoint Information Governance

An understanding of where content originates and how and where it makes its way into the SharePoint structure is an important design activity that weighs heavily on subsequent IA activities including the creation of technical architectures, site maps and wireframes.

Teams, Entities, Roles & Responsibility

Once a Governance model has been designed the next consideration is an overall framework for management. The purpose of establishing a formalized management structure is to describe how each employee as an individual or as a member of a particular role or group is responsible for ensuring success of the SharePoint solution. It’s important to clearly articulate ownership and accountability for management of business processes, site and information architectures as well as responsibility for measuring compliance and application of enforcement mechanisms. 
 
This is primarily accomplished through the formation of the following (or similar) cross-disciplinary entities:
  • Steering Committee – Intended to provide strategic direction and is often the same team responsible for creation of the Vision Statement. Provides leadership and advocacy and ensures the interests of the represented areas are considered. 
  • Advisory Council - Responsible for Policy and Standards management including creation, alignment with organizational goals and relevance as business needs change.
  • Task Forces – Cross functional or divisional teams that are ad-hoc in nature and intended to solve specific problems at strategic and policy or standard levels.
  • Working Groups – Responsible for the implementation and/or operationalization of Governance within the SharePoint environment. 
  • Communities of Practice – Comprised of various groups of stakeholders, subject matter experts or area champions who need to collaborate, share knowledge or be informed of or provide input into policies and standards. 
Participation in these entities from a variety of roles is required and includes senior management and executive sponsorship, division, departmental or geographic business leaders, technical experts, search administrators, information architects, taxonomy managers, content specialists, professional development and corporate trainers, subject matter experts and area champions. 
 
An effective approach to modeling cross functional interaction between roles and responsibility is through the design of a Responsibility Assignment Matrix. Rows in the matrix represent individual responsibilities while specific columns represent a single role. Completion of the matrix requires assignment of one of four values to a corresponding role and responsibility:
  • Responsible - The role that actually accomplishes or executes a task.
  • Accountable - The role ultimately answerable for success or failure (R reports to A).
  • Consulted - Subject matter and technical experts brought in as needed.
  • Informed - People and departments who are kept apprised of findings, results and policies.

Dedicated resource allocation for participation within these entities and roles is a must. Improving the chances of success means Governance responsibilities cannot simply be “added to the plate” of an existing job function. Rather, work processes must be adapted to incorporate and allow time for managerial responsibility. 

Policies & Standards

The Steering Committee and Advisory Council characteristically hold responsibility for development of policies and standards that align with overall purpose including definition of rules and articulation of appropriate use for the SharePoint solution. Policies, which are often motivated by regulatory or organizational requirements, are intended to ensure quality of information and experience through consistent application of procedures and common standards. 
 
Ensuring alignment with business needs requires identification of the entities and roles responsible for policy definition as well as how and when changes take place. Also essential is a clear outline of decision-making authority as well as escalation procedures for addressing policy violations and resolving conflicts.  A standard approach for addressing definition and development of these rules is to:  
  1. Develop the Policy
  2. Define Procedures and Standards
  3. Create Review and Compliance Mechanisms
  4. Develop Enforcement Processes
  5. Identify Metrics
  6. Review Feedback
  7. Prioritize Enhancements
Typical areas for policy development include site structure, branding and design, taxonomy and content management including content types and metadata, search integration, user experience, security and permissions. Since system users are expected to comply without deviation, failure to do so must result in non-compliance and enforcement. End-users however cannot be expected to seek out an understanding of the rules on their own. Rather, they need to be published, transparent and made available for easy consumption through regular communication strategies and activities. 

Socialization & Training

This leads to a final key area requiring attention which involves ensuring end-user awareness.  Designing for Governance need also consider how users will consume and become familiar with processes and, the more distributed the model, the greater the need for familiarity with management structure, policies, procedures, standards and guidelines. Documentation should not be hidden or not at all available but rather centrally published in ways that are easy to find and understand.
 
Awareness may be delivered through a variety of methods including formalized training sessions as well as integrated directly within the solution at the time of need. Potential approaches may include:
  • Dedicated home page real estate that promotes governance best practices, specifically those related to effective content management such as tip of the week or did you know?
  • News and announcement distribution outlining structure, role descriptions and responsibilities. 
  • Introduction to and review of guiding principles at the beginning of formal training or educational sessions.
  • Single page “cheat sheets” or summaries outlining key guiding principles as well as compliance and enforcement mechanisms. 
  • Physical publications, such as newsletters or magazines and/or brochures, posters or other collateral displayed around the office.
Socialization and communication is not a one-time event, it too needs to become part of operational processes and integrated, along with mechanisms for feedback, into the way in which work is done. 
 
Aggregation of outputs from the activities described here will result in the formation of a formal Governance Plan, which needs to act as a living and breathing document representing the framework for management and enhancement of the SharePoint environment. The remainder of this article will focus on mechanisms available for the operationalization of Governance within SharePoint 2010