My career in technology

Governance has become a hot topic in the SharePoint community.  Wondering why?

There are consequences for poor governance.  Many organizations have learned that SharePoint is so very easy to do wrong:  spend an afternoon installing the software, give your users access, and hey, you’ve succeeded in doing it wrong.  SharePoint is a complex product with many features and a lot of flexibility in configuration, which means if you don’t have a plan (and a way to monitor the plan), things can get out of control quickly.

Let’s look at some of the risks and results of poor governance…

Site Proliferation

A few weeks back I won the spring AIIM haiku contest (rules) with this entry (my competition):

SharePoint governance
poorly applied, sites blossom
scatter like petals

I received several accolades from various people for the poem – it seems like out-of-control SharePoint implementations are fairly common, it wasn’t just unique to my situation.   In the environment I inherited, there were more sites than employees – nearly two sites for every employee in the company.  And we didn’t even have My Sites implemented.

If anyone can create a site with no review, no checks and balances, then site proliferation is just about guaranteed to happen. 

  • Who owns the site?  With that many sites, it can be hard to tell.
  • Did they need a site, or did they just need a page, or a library, and had not been trained to know which they needed?
  • Is the site still in use?  Who knows?
  • Is the data in the site still relevant?
  • Were any of the sites built to fulfil a purpose already being filled by an existing site?

Without a process for determining the actual need for a site, the lifespan of the site, and a clear record of ownership for the site (just as a start), managing the mess is difficult at best.

Rights Management

Each site was created with several security groups.  Even with the security groups numbering somewhere between 4 and 6 times the number of employees, users with the power to grant permissions who unfamiliar with how to give users permissions added users individually to sites, libraries, and even… individual items.

Excuse me a minute while I go have a nervous breakdown.  Again.

That one gets me every time.

I can’t tell you the number of times that I have had to untangle the permissions for items in document libraries.

  • Again, who is responsible for the site and granting access?
  • How can the average user find out (easily find out!) who to contact to get rights granted?
  • What are the best practices for your environment for managing those rights (SharePoint groups, AD groups?)?
  • Who is responsible for making sure that the people responsible for doing the granting are aware of those best practices?

Content Accuracy

This is less of a problem in my environment, though it has been common to find out-of-date documents alongside current documents, with little clear labeling of which document was up-to-date, especially if you were locating the document by searching for it.

  • Is anyone reviewing the content for accuracy? 
  • Are the reviews being done periodically or sporadically, if at all?
  • Who is responsible for making sure only the current versions of policies and procedures are available to the general users? (Yes, there are specific cases where older versions may be needed as a reference.)

Content Appropriateness

Again, not a real problem in my environment… at least, not that I know of.  Which I guess could also be said for the content accuracy as well.  Uh oh….

  • Do you really know what is being posted in your environment?
  • Does it comply with your company’s policies? (Which policies – the out-of-date ones, or the current ones?)
  • How much trouble would your company be in if someone posted that on your SharePoint?   (The exact nature of “that” I leave to your fertile imagination.) (Just be careful not to swear out loud.)
  • Do your users always exercise the best sense and good taste?
  • Who is reviewing your content?

Content Restrictions

Some companies have legal or security restrictions about what can be posted, based on who has access to the content.  This could be anything from ITAR to HIPAA, PCI DSS, or other privacy restrictions. 

And what about copyright?  Do you own the rights to publish that content on your SharePoint site?  Do you know?

  •  A little swearing out loud is understandable at this juncture.  But do try to keep it down. 
  • If you aren’t swearing, be sure to show this post to your legal department.  You’ll hear some of the most colorful language…
  • Will someone please review the content?  Please?

These are just a few of the risks you take not having adequate governance.  An unmanagable environment, where people can’t find and assess current and accurate data, but can find things that shouldn’t have been posted.

Next time – SharePoint Governance – What is it?

Read the whole series on SharePoint Governance:
Part One: SharePoint Governance – Why? (You are here!)
Part Two: SharePoint Governance – What is it?
Part Three: SharePoint Governance – vs Organizational Culture
Part Four: SharePoint Governance – Your Plan
Part Five: SharePoint Governance – Law & Order

More posts about SharePoint.

Comments on: "SharePoint Governance – Why?" (9)

  1. […] the vein of “write what you know”, I’ve been writing about my current project, a governance plan for the SharePoint 2010 implementation that we are […]

  2. […] series on SharePoint Governance has been reprinted on […]

  3. […] SharePoint Governance – Why? […]

  4. […] feedback from other Twitter users.  (It also didn’t hurt that the topic I had chosen (SharePoint Governance), in addition to being what I was working on at the time, was and continues to be a hot topic in […]

  5. […] talked about how the existing environment was a mess.  Rather than upgrade the mess, our strategic decision was to use a third-party migration product […]

  6. […] SharePoint Governance – Why? […]

  7. […] thing I brought with me from my last job was an understanding of just how bad site sprawl can get.  I knew going into the meeting that management only had a vague idea about sites, the reasons for […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: