Governance in SharePoint – Part 2
January 4, 2013 2 Comments
In Governance in SharePoint – Part 1 I focussed on some of the key thoughts, definitions and critical factors of developing and implementing SharePoint governance. This article will explore some of the best practical and theoretical frameworks I’ve come across to effectively apply SharePoint governance. Part 3 of the series will identify some of the main aspects for consideration when creating a SharePoint governance plan and part 4 will highlight some of the main out-of-the-box features that can be harnessed in SharePoint to implement governance policies, standards and procedures.
One of the main reasons SharePoint governance is considered difficult is that no two governance plans should ever be exactly the same. This makes consistent application of governance across different organisations more challenging and less prescriptive than say deploying SharePoint using published best practices. One of the ways to mitigate this is by following some of the practical and theoretical frameworks designed to lead you in the right direction when faced with implementing a successful SharePoint governance plan. The following will seek to get some of the best frameworks available (in my opinion) into the spotlight and give you some choice over which best fits your definition of what SharePoint governance is and how it should be applied.
Governance using CoBIT 4.1
CoBIT 4.1 according to the ISACA site is ‘an IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. COBIT enables clear policy development and good practice for IT control throughout organizations. COBIT emphasizes regulatory compliance, helps organizations to increase the value attained from IT, enables alignment and simplifies implementation of the COBIT framework.’
Dave Chennault and Chuck Strain have built upon this widely recognised framework to provide the guidance required to create processes and controls that avoid or limit the impact of risks encountered when deploying SharePoint.
Taking the principles and processes from the CoBIT framework, they have realigned them into 6 phases:
- Plan for Launch
- Prepare for Operations
The beauty of this framework is that it is practical and applicable in a consistent manner. This goes somewhat against what we mentioned previously – that this can’t be done – but the CoBIT framework mitigates this by stating that not every conceivable activity/task is listed as a control objective and that it is a starting point that should be added to based on needs. It also states not all the control objectives need to be met and that they are goals and guideposts only – essentially meaning that this is a great starting point for a thorough governance plan in a framework which is recognised internationally for auditing and compliance purposes.
Chris McNulty’s Governance Cycle & 5 Pillars and Ps
Chris has written some excellent pieces in relation to SharePoint governance, a couple which I found highly useful and applicable as a theoretical framework to approaching the topic. There are a few different main theories which i’ll point out below, all of which can be found in either his post 2012 is the Year for SharePoint Governance or in his white paper (you must sign up to access it) The 5 Pillars of SharePoint Governance
The first theory in Chris’ methodology is the cycle itself:
- Establish stakeholders: These should be business users and stakeholder engagement should remain constant
- Gather requirements: Must understand the business goals and develop a consensus on how the requirements match these goals
- Develop governance framework: The policies and procedures that make up the governance plan – these should map to the business goals
- Implement governed operations: Guided by the policies and procedures, this should involve training and communication and be automated where possible
- Measure results: Sustained governance programs require evaluation, both qualitative and quantitative
- Evaluate success for next steps: This essentially forms the basis of the governance’s continual improvement
The second is his 5 Pillars of SharePoint Governance:
- Auditing (compliance)
And the third his 5 P’s which make up SharePoint governance:
- Policies and Procedures
Overall the 3 main theories provide an insight into how to establish an overall governance plan for SharePoint. Like most of the theoretical frameworks they require a lot of knowledge and work to apply them practically, but it forms a great basis for understanding the principles of effective SharePoint governance.
Ant Clay’s 5 Pillars of SharePoint Governance & The Visual Thesis of Kubernao
Ant is one of the leading governance voices in the SharePoint community currently. Building upon previous governance posts such the 5 Pillars of Governance and Governance 3.0, he has now self-published The SharePoint Governance Manifesto which I believe deserves the small asking price for the book. Ant is a business-focussed SharePoint governance practitioner and his 5 Pillars theory ensures broad coverage over what needs to be covered and achieved for successful governance.
In his own words, the 5 Pillars of SharePoint Governance is a guiding, facilitative and inclusive approach to implementing the SharePoint platform and delivering measurable business outcomes that support the organisational strategy by combining:
- IT assurance
- Project governance
- Information governance
- Technology and business alignment
- Continuous improvement
Combined with his governance rules in The Visual Thesis of Kubernao (read The SharePoint Governance Manifesto for more) Ant provides a tonne of theoretical guidance on how to effectively conduct SharePoint governance.
Navantis Governance Framework
This one was a bit of a surprise. I hadn’t heard of Navantis or the author Christopher Woodill previously but after giving his white paper, An Introduction to SharePoint Governance a read, was impressed and saw it as a solid framework with quality additional supporting information.
Navantis lists the model for mature SharePoint governance as requiring:
- Business Goals and Objectives
- Roles and Responsibilities
- Program Strategy
- Key Performance Indicators
The Program Strategy is further broken up into
- Business Practices and Policies
- Infrastructure and Maintenance
- Operations and Support
- Training and Adoption
They also define some key deliverables from the governance process which should help to identify the outputs that should exist at the end:
- Implementation Strategy
- Operational Strategy
- Responsibility Matrix
- Organisational Structure
- Costs, Commitments and Funding Models
Overall I believe it’s a solid framework and touches on a number of key focus areas for consideration and deserves consideration when forming a SharePoint governance plan.
Salem’s 7 Pillars of Wisdom / SharePoint Governance
Definitely not for the faint-hearted, Ian McNiece has penned an epic (152 pages) and unique take on SharePoint governance in SharePoint Governance & the Pillars of Wisdom. Relating SharePoint governance to a concept which has ‘underpinned global philosophies and theologies for centuries’ was an interesting angle but overall the theory is sound and the concepts discussed hard to argue against.
There is simply too much information in this one to sufficiently break it down into a short synopsis so I suggest you take some time to read through the white paper and discover how with theological support you can break down the elements of SharePoint governance into:
- Global Governance
- Corporate Governance
- Program Governance
- Service Governance
- Platform Governance
- Participatory Governance
- Usage Governance
I was already a fan of Ian’s work having consumed his published e-book Step by Step SEO: Search Engine Optimisation for SharePoint Internet Sites and this governance piece has only enhanced my respect for both him and Salem.
Paul Culmsee’s f-laws
This one is more of an honourable mention rather than a practical or theoretical framework towards SharePoint governance – but Paul is currently in the process of blogging about his 17 f-laws in his Confessions of a (post) SharePoint Architect governance series. There is already some nuggets of wisdom in the initial posts and i’d encourage you to follow through the series and the rest of his CleverWorkarounds site to explore another unique take on the world of SharePoint governance. I’m hoping to someday be able to sit in on his SharePoint Governance and Information Architecture class to immerse myself in the theory to a greater extent, but for now the Confessions series will have to suffice.
In this post we’ve explored some of the best practical and theoretical frameworks I’ve come across to effectively apply SharePoint governance. My recommendation would be to take which ever bits seem most relevant to the needs of your organisation and use them as a guide to what you may need to cover – you may identify with one of these frameworks or may prefer to devise your own – but what is most important is you factor in which ever areas of SharePoint governance are relevant to you and ensure they’re considered when devising the governance plan. The next post in this series, Governance in SharePoint – Part 3, will identify some of the main aspects for consideration when creating a SharePoint governance plan.