This is part II in a mini-series about the Minimal SharePoint Governance Plan needed to get you started with your SharePoint governance efforts. The objective is to create a simple and viable plan that covers the core governance aspects for operations and solution management. The plan comprises the functional areas of textbook enterprise governance plans, skipping organizational aspects to focus on technical aspects. The focus is on lifecycle management of SharePoint sites and users, classification and management of content, and on driving findability, all hosted on a robust SharePoint farm.
Required Operational Governance
The governance plan for the SharePoint environments must specify policies for both farm infrastructure and operations. The architecture of the farm must be adequate for hosting the planned solutions within defined service level agreements (SLA), and at the same time be positioned for future expansion into other solution areas.
Operational aspects that must be covered by the governance plan:
o Farm with redundancy
• Backup and Recovery
o Retention and disposition policies must be defined and enforced
o Restore specific information assets
o Tested disaster recovery plan
o Complete solution can be restored within allowed time limit
Usage of SCOM SharePoint management packs is recommended. For recovery is DocAve Backup & Recovery a recommended 3rd-party tool, it provides capabilities beyond ootb SharePoint 2010, such as item-level recovery.
Required Solution Governance
The governance plan for the SharePoint solution must specify policies for governing the sites and information assets that make up the solution. This especially applies to how to manage solutions over time as they evolve in response to changed business requirements.
Solution aspects that must be covered by the governance plan:
• Site Lifecycle Management (SLM)
o Policies for provisioning, retention and disposition must be defined
o Automation of SLM through site provisioning forms and timer jobs
o Site delete capture for retention beyond database backups
• Content Type and metadata definitions (taxonomy)
o Policies for retention and disposition, including archival and records, must be defined
o Classification of all information assets, from sites to documents and items
o Cover the core content types for your company (the immutable base content types)
o Enable findability through consistent classification and tagging of content
SharePoint has little built-in support for SLM, but most SharePoint workflow tools provides support for user input forms and site creation and management. For site retention, the CodePlex MSIT Site Delete Capture tool is an option.
There is good taxonomy support in SharePoint 2010 provided by the Managed Metadata Service and the Content Type Hub mechanism. Note that neither managed metadata nor social tagging is included in SharePoint Foundation 2010, these are SharePoint Server 2010 service applications.
Optional Solution Governance
In addition to the above aspects, governance policies for how to manage users, their permissions and their ownership of sites and data should be defined. Employees come and go, resulting in SharePoint data that nobody manages, or in worst case, lost knowledge.
Solution aspects that should be covered by the governance plan:
• User Lifecycle Management (ULM)
o Manage the lifecycle of accounts due to onboarding, transfering, and termination of users
o Policies for permissions and ownership of sites and information assets
o Automation of ULM though partner/open solutions
• Visibility into usage
• Visibility into permissions
The visibility into what a user has access to has improved a bit in SharePoint 2010, so has the usage reporting capabilities. Still, 3rd-party tools such as LigthningTools DeliverPoint or Axceler ControlPoint might be required dependent on needs.
SharePoint Governance Checklist
Microsoft provides a SharePoint governance checklist guide whitepaper that my customers find very useful. The checklist covers important governance and lifecycle management aspects that must be included in a governance plan. It is strongly recommended to review all areas of your governance plan against this checklist.
Aspects covered includes:
• Design-time and run-time governance
• Roles and ownership
• Information architecture, navigation and findability
• Infrastructure and operations
• Testing and development
Each checklist has a related tips & information section, effectively making this a pocket governance guide.
All parts of this mini-series:
Part I - SharePoint Governance - Eating an Elephant
Part II - Start with Simple Governance (this post)
Part III - Minimal Governance Plan