Tuesday, March 31, 2015

The SharePoint Governance Puzzle

The SharePoint Governance Puzzle

If you have been using or managing SharePoint then you would know how quickly SharePoint content, customisations and their growth, if not properly governed, can get out of control. Today most of the SharePoint customers have realised this and have SharePoint governance plan and policies defined for their SharePoint deployments. A governance plan could just be a brief document focusing on what users can and cannot do or a detailed framework governing every bit from SharePoint development to usage and maintenance.

However, a large number of organisations are still struggling in having effective SharePoint Governance in place despite of having a well-defined governance plan. To understand the reasons behind this issue we have to remember that a governance plan is not the solution but a part of the solution. Often organisations' focus is on defining a detailed and comprehensive governance plan but that focus gets shifted away when it comes to implementing the plan. Once a governance plan is created it is somehow assumed that it is now up to IT support to ensure the processes and policies defined in the plan are enforced and implemented.

So let's first take a look at the key implementation challenges and then we will see what can be done to address them.

Implementation Challenges

A. The implementation deserves respect, treat it just like another project!
One of the reasons why the implementation doesn't get due attention is the absence of some tangible outcomes. Implementing a plan and associated policies is not like delivering a system. Furthermore it is not that straightforward to measure the outcomes and see the associated benefits. Therefore often interest in rolling out the governance plan dies soon after its creation. As a result governance 
documents are put somewhere on the same SharePoint site that is being governed and forgotten.

B. Yes, it does require (a little bit) of efforts and resources!
Another challenge is the availability and allocation of the efforts and resources required to enforce the governance policies with consistency. This gets further complicated when we recall the fundamental principle behind existence of SharePoint i.e. user empowerment. This can give rise to uncontrolled SharePoint growth where the balance of end-user power and IT control is not right for the environment. In other words SharePoint governance is lot different and demanding than managing, say your Active Directory. This makes it difficult for IT to enforce the policies without hindering user productivity (and annoying them).

C. If they don't know it then they won't do it!
Finally, enforcing governance does not merely require flicking some switches. The first step in implementing any set of governance policies is communicating them to the users and support staff. However the reality is that users often do not have the time and interest to read lengthy governance documents. Being humans (and as SharePoint users) they do not like tightly controlled environments either, they are needed to be convinced that the controls you are putting place will eventually work for them. An unhappy and ill-informed user may, instead, negatively see the governance policies as a roadblock towards being productive.

The secret behind a successful governance plan implementation

Well, there is no secret here really. In summary, it requires the IT management taking the implementation seriously (just like any other project) and seeing the benefits; doing effective user training and communication; and investing in automation to assist the IT teams in enforcing the governance policies.

User Communication and Training

We know very well that no one loves to read lengthy documents. Furthermore, reading text is one thing and remembering the content is another. So post governance framework creation the next challenge is to communicate it to the users (end user and support staff) while ensuring it is not too difficult for them for them to understand and remember all the key points.
One technique that can help here is creating summarised posters or cheat-sheets for specific group of users such as SharePoint site members, owners, administrators etc. You can combine the information with any visualisation techniques that you feel may be effective, like charts, tables and even comics. See one such an example below

It is also quite helpful (I would rather say necessary) to integrate the governance plan 'knowhow' into HR & IT processes like employees' induction, role change and termination procedures. This will ensure things happen when they are required to.
The next big thing is … Automation
To help with enforcing governance policies without creating a lot of overhead for IT support and end-users, you can also get assistance from some SharePoint governance tools. There are quite a few third party tools available for this purpose. These tools can provide
  • finer control in managing the SharePoint environment;
  • powerful growth forecasting and management;
  • comprehensive and centralized security control and permission monitoring;
  • provisioning workflows;
  • critical alerts and notifications etc.
We can divide the tools into two categories i.e. strategic and tactical. The basis of this subdivision is the product feature set, associated costs and resources required to implement them.

[I had another blogpost written on SharePoint Health Check which you can check here]

Tactical Tools    

Tactical tools are low cost options that enable the support teams to analyse and understand their SharePoint implementation and assess its health with reference to the governance plan and policies.

1. SharePoint Documentation Kit (SPDocKit): A windows application that can run standalone or be installed on the server. For more information check the tool here SPDocKit
  • generates detailed farm documentation on the target SharePoint environment
  • compares SharePoint farm configuration against best practices
  • can take snapshot of the environment and allows the support to compare with other SharePoint farms or the same farm but a different point in time
2. The SharePoint Diagram Tool: This is a quite handy tool that enables you to check if your SharePoint sites are having some kind of mushroom growth or flourishing like a beautiful well-maintained garden. It reverse engineers your site structure and let you visualise it in tree structure form. The tool can generates its output in multiple formats and you can then use MS Excel, a browser or Visual studio to render the site structure. Regular generation and analysis of site structure diagrams can be added to IT support processes for detecting any major violations of site-structure related governance policies. http://realworldsa.blogspot.com.au/2010/12/new-tool-for-sharepoint-2007-and-2010.html

Advanced Tools

1. ControlPoint by Metalogix: Metalogix offers a suite of tools for migrating and managing SharePoint content and that includes ControlPoint. ControlPoint is a well-refined product with an extensive set of features. It includes all the key components such as provisioning workflows, content growth monitoring, user action reporting and site stats; governance policy and permission management etc. For more information see http://www.metalogix.com/Products/ControlPoint.aspx     

2. AvePoint Docave Governance Automation: A solid product for SharePoint content migration and automating governance workflows. It can be seen as a strategic investment i.e. having AvePoint as the provider of some key SharePoint add-ons. They offer a range of SharePoint products, both for SharePoint in cloud and on-premise. However the governance module mainly focuses on SharePoint sites and site objects provisioning and deletion workflows. You will need to buy additional module(s) for end-to-end monitoring and reporting purposes. http://www.avepoint.com/products/sharepoint-governance/

3. Sharegate - SharePoint migration and Management Tool: An easy to use product offering both content migration and governance tools in one product. It allows the SharePoint admin to manage security settings, monitor environments' growth, get rid of unused & obsolete content and ensure that SharePoint meets the organisational standards. However, if you do not have SharePoint content migration needs then you cannot buy the governance module as a standalone product. Find more information at http://en.share-gate.com/

4. Acceleratio Governance Kit for Office 365: This is a low cost cloud based office 365 governance tool (they do not have a version for SharePoint on-premise). They also have another product SharePoint Documentation Kit (described in the 'Tactical Tools' section previously) that can help with reporting and site structure analysis. With this governance kit administrators can setup and configure SharePoint Online rules. The rules then can be applied to a specific site, list or library. It can generate detailed reports. Find more information at http://acceleratio.net/products/governance-toolkit-for-office-365/features/

I conclude here by emphasizing that first and foremost the implementation of a SharePoint governance plan should be taken and treated like a project. This approach ensures that the SharePoint governance policies do not just stay within the boundaries of a document but they do come out into action and reward everyone.

I have also published this post on my own blog The SharePoint Governance Puzzle