Governance in SharePoint – Part 2

In Governance in SharePoint – Part 1 I focussed on some of the key thoughts, definitions and critical factors of developing and implementing SharePoint governance. This article will explore some of the best practical and theoretical frameworks I’ve come across to effectively apply SharePoint governance. Part 3 of the series will identify some of the main aspects for consideration when creating a SharePoint governance plan and part 4 will highlight some of the main out-of-the-box features that can be harnessed in SharePoint to implement governance policies, standards and procedures.

One of the main reasons SharePoint governance is considered difficult is that no two governance plans should ever be exactly the same. This makes consistent application of governance across different organisations more challenging and less prescriptive than say deploying SharePoint using published best practices. One of the ways to mitigate this is by following some of the practical and theoretical frameworks designed to lead you in the right direction when faced with implementing a successful SharePoint governance plan. The following will seek to get some of the best frameworks available (in my opinion) into the spotlight and give you some choice over which best fits your definition of what SharePoint governance is and how it should be applied.

Governance using CoBIT 4.1

CoBIT 4.1 according to the ISACA site is ‘an IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. COBIT enables clear policy development and good practice for IT control throughout organizations. COBIT emphasizes regulatory compliance, helps organizations to increase the value attained from IT, enables alignment and simplifies implementation of the COBIT framework.’

Dave Chennault and Chuck Strain have built upon this widely recognised framework to provide the guidance required to create processes and controls that avoid or limit the impact of risks encountered when deploying SharePoint.

Taking the principles and processes from the CoBIT framework, they have realigned them into 6 phases:

  • Scope
  • Plan for Launch
  • Prepare for Operations
  • Launch
  • Operate
  • Enhance

The beauty of this framework is that it is practical and applicable in a consistent manner. This goes somewhat against what we mentioned previously – that this can’t be done – but the CoBIT framework mitigates this by stating that not every conceivable activity/task is listed as a control objective and that it is a starting point that should be added to based on needs. It also states not all the control objectives need to be met and that they are goals and guideposts only – essentially meaning that this is a great starting point for a thorough governance plan in a framework which is recognised internationally for auditing and compliance purposes.

Chris McNulty’’s Governance Cycle & 5 Pillars and Ps

Chris has written some excellent pieces in relation to SharePoint governance, a couple which I found highly useful and applicable as a theoretical framework to approaching the topic. There are a few different main theories which i’ll point out below, all of which can be found in either his post 2012 is the Year for SharePoint Governance or in his white paper (you must sign up to access it) The 5 Pillars of SharePoint Governance

The first theory in Chris’ methodology is the cycle itself:

  • Establish stakeholders: These should be business users and stakeholder engagement should remain constant
  • Gather requirements: Must understand the business goals and develop a consensus on how the requirements match these goals
  • Develop governance framework: The policies and procedures that make up the governance plan – these should map to the business goals
  • Implement governed operations: Guided by the policies and procedures, this should involve training and communication and be automated where possible
  • Measure results: Sustained governance programs require evaluation, both qualitative and quantitative
  • Evaluate success for next steps: This essentially forms the basis of the governance’s continual improvement

The second is his 5 Pillars of SharePoint Governance:

  • Security
  • Auditing (compliance)
  • Reliability
  • Usability
  • Supportability

And the third his 5 P’s which make up SharePoint governance:

  • People
  • Purpose
  • Policies and Procedures
  • Products
  • Partners

Overall the 3 main theories provide an insight into how to establish an overall governance plan for SharePoint. Like most of the theoretical frameworks they require a lot of knowledge and work to apply them practically, but it forms a great basis for understanding the principles of effective SharePoint governance.

Ant Clay’’s 5 Pillars of SharePoint Governance & The Visual Thesis of Kubernao

Ant is one of the leading governance voices in the SharePoint community currently. Building upon previous governance posts such the 5 Pillars of Governance and Governance 3.0, he has now self-published The SharePoint Governance Manifesto which I believe deserves the small asking price for the book. Ant is a business-focussed SharePoint governance practitioner and his 5 Pillars theory ensures broad coverage over what needs to be covered and achieved for successful governance.

In his own words, the 5 Pillars of SharePoint Governance is a guiding, facilitative and inclusive approach to implementing the SharePoint platform and delivering measurable business outcomes that support the organisational strategy by combining:

  • IT assurance
  • Project governance
  • Information governance
  • Technology and business alignment
  • Continuous improvement

Combined with his governance rules in The Visual Thesis of Kubernao (read The SharePoint Governance Manifesto for more) Ant provides a tonne of theoretical guidance on how to effectively conduct SharePoint governance.

Navantis Governance Framework

This one was a bit of a surprise. I hadn’t heard of Navantis or the author Christopher Woodill previously but after giving his white paper, An Introduction to SharePoint Governance a read, was impressed and saw it as a solid framework with quality additional supporting information.

Navantis lists the model for mature SharePoint governance as requiring:

  • Business Goals and Objectives
  • Roles and Responsibilities
  • Program Strategy
  • Key Performance Indicators

The Program Strategy is further broken up into

  • Business Practices and Policies
  • Requirements
  • Customisation
  • Infrastructure and Maintenance
  • Operations and Support
  • Training and Adoption

They also define some key deliverables from the governance process which should help to identify the outputs that should exist at the end:

  • Implementation Strategy
  • Operational Strategy
  • Responsibility Matrix
  • Organisational Structure
  • Costs, Commitments and Funding Models
  • Tools

Overall I believe it’s a solid framework and touches on a number of key focus areas for consideration and deserves consideration when forming a SharePoint governance plan.

Salem’’s 7 Pillars of Wisdom / SharePoint Governance

Definitely not for the faint-hearted, Ian McNiece has penned an epic (152 pages) and unique take on SharePoint governance in SharePoint Governance & the Pillars of Wisdom. Relating SharePoint governance to a concept which has ‘underpinned global philosophies and theologies for centuries’ was an interesting angle but overall the theory is sound and the concepts discussed hard to argue against.

There is simply too much information in this one to sufficiently break it down into a short synopsis so I suggest you take some time to read through the white paper and discover how with theological support you can break down the elements of SharePoint governance into:

  • Global Governance
  • Corporate Governance
  • Program Governance
  • Service Governance
  • Platform Governance
  • Participatory Governance
  • Usage Governance

I was already a fan of Ian’s work having consumed his published e-book Step by Step SEO: Search Engine Optimisation for SharePoint Internet Sites and this governance piece has only enhanced my respect for both him and Salem.

Paul Culmsee’s f-laws

This one is more of an honourable mention rather than a practical or theoretical framework towards SharePoint governance – but Paul is currently in the process of blogging about his 17 f-laws in his Confessions of a (post) SharePoint Architect governance series. There is already some nuggets of wisdom in the initial posts and i’d encourage you to follow through the series and the rest of his CleverWorkarounds site to explore another unique take on the world of SharePoint governance. I’m hoping to someday be able to sit in on his SharePoint Governance and Information Architecture class to immerse myself in the theory to a greater extent, but for now the Confessions series will have to suffice.

In this post we’ve explored some of the best practical and theoretical frameworks I’ve come across to effectively apply SharePoint governance. My recommendation would be to take which ever bits seem most relevant to the needs of your organisation and use them as a guide to what you may need to cover – you may identify with one of these frameworks or may prefer to devise your own – but what is most important is you factor in which ever areas of SharePoint governance are relevant to you and ensure they’re considered when devising the governance plan. The next post in this series, Governance in SharePoint – Part 3, will identify some of the main aspects for consideration when creating a SharePoint governance plan.

How I passed 70-576

I had the good fortune today to sit, and thankfully pass, exam 70-576 – PRO: Designing and Developing Microsoft SharePoint 2010 Applications. Aside from the fact the computer tried to tell me I was a no-show even after turning up half an hour early, it all went rather smoothly.

I’ve had a bit of experience sitting the Microsoft exams in the past. Going back as far as June 2008 sitting the core .NET and Winforms exams and then moving on to 3 of the 4 2007 SharePoint exams in 2009/2010, so I figured I kind of knew what to expect. This is probably the most amount of study I’ve put into a cert as well and as such I’ve learnt more than I ever have before – definitely the main benefit you get out of sitting the exam is the amount of content you learn to pass it.

But anyway, back to the point. I discovered a lot of different valuable resources that assisted me along the way to passing this exam. A few I didn’t end up getting to but i’ll include them anyway for the sake of completeness – they may come in handy.

Blogs: Rather than create these types of posts which was my original intention, I thankfully found some existing blogs that covered off what I wanted – namely breaking down the exam into it’s components and either explaining or linking off to MSDN/Technet content. The most useful I found was Martin Bodocky’s set of posts but beware – it’s definitely not for the short of time. This formed the majority of my study, and while the content could be found on MSDN/Technet directly – his posts saved me a lot of time!

Another blog I read towards the start was Pedro Pinto’s guide to the exam – it covered a reasonable amount of content and would be more attractive to those short on time or allergic to constant link-clicking in MSDN.

Training and Labs: Admittedly I never got to any of this content. I would eventually like to, but time didn’t permit. As it turned out, I didn’t really need it to pass the exam – but i’m sure it would suit those more inclined to hands-on learning rather than reading.

Videos: Now this is where I struck gold. Watched all of these and they were well worth it. The exam-cram series by Ted Pattison is a must see – shout out to my colleague Elliot Wood for tracking them down.

That about covers it. I’ll sign off with a bit of my own advice. Read the questions carefully – very carefully. Use process of elimination – there will be the obvious 1 or 2 incorrect answers but more important to see is (on some occassions) the 1 word in the question that makes all the difference to the answer. If you want advice on how to pass 70-573 then take a look at my post How I passed 70-573.

Good luck!