What is governance?
Applies To: Office SharePoint Server 2007
This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.
Topic Last Modified: 2016-11-14
Governance is the set of policies, roles, responsibilities, and processes that you establish in an enterprise to guide, direct, and control how the organization uses technologies to accomplish business goals. Effective governance anticipates the needs and goals of both your organization's IT teams and its business divisions. Governance also provides policies and guidelines that make the deployment of products and technologies such as Microsoft Office SharePoint Server 2007 both manageable for IT and also effective as a business tool. Governance can help protect your enterprise from security threats or non-compliance liability. It can also help ensure the best return on your investment in technologies, such as by enforcing best practices in content management or information architecture.
Every organization has unique needs and goals that will affect its approach to governance. No single approach will fit the cultures or requirements of all organizations. For example, larger organizations will probably require more governance than smaller ones.
Because deploying Office SharePoint Server 2007 introduces new ways of sharing information, collaborating, and implementing business processes in your organization, there are unique considerations for governing Office SharePoint Server that you may not have previously encountered. The content in these governance articles is provided to both promote the need for governance of Office SharePoint Server deployments and to provide example of the types of Office SharePoint Server activities and processes that your organization should consider governing.
In this article:
What should be governed?
Who should determine governance policies?
How should governance be implemented?
What should be governed?
Office SharePoint Server helps organizations gain control over their content, develop insights about their content, streamline their business processes, access information, and share information. For an Office SharePoint Server deployment to succeed, these organizational needs should be met in a way that is consistent with the constraints and policies of the organization's IT department. Governance is the method by which your enterprise balances these requirements. To keep solutions based on Office SharePoint Server both effective and manageable your organization should consider governing one or more of the following areas:
A key contributor to an enterprise's efficiency and effectiveness is how quickly and accurately its information workers can find and use content and data. Without properly designed and governed information architecture, an enterprise's effectiveness can be diminished. For example:
Inconsistent use of metadata can make it difficult to search for and compare related items of information.
Poorly designed and managed storage of content can cause a proliferation of duplicate versions of documents. As a result, users cannot identify the authoritative version.
Poorly cataloged and managed storage of data can cause decision-makers to use the wrong data.
Poorly designed portal navigation can make it difficult to find work-critical sites and information.
Poorly presented information can reduce the ability of some users to access the information.
Governing your enterprise's information architecture is a key to the successful use of Office SharePoint Server 2007 and requires the participation of business managers, content managers, information workers, site designers, and IT professionals.
IT Service hosting SharePoint Server
A common problem in an enterprise is the proliferation of individually managed Web servers running Windows SharePoint Services 3.0 or Office SharePoint Server 2007. Although it is inevitable that individual teams will drive the adoption of one or more SharePoint products and technologies, ungoverned adoption can cause problems. For example:
Each server can become an island of information, forming a patchwork of sites that lack a common search index, navigation, or security scheme.
Some servers may host applications that are insecure and that compromise the enterprise.
Poorly trained users may create requests for support on local servers that are unknown to the support team.
Critical activities like regulatory compliance may be administered inconsistently across servers.
Regular maintenance activities, such as backing up and restoring data and installing product updates, may not be done correctly because of poor training or because servers are not configured consistently.
Site owners may switch teams or leave the enterprise, making it unclear who owns content or causing sites to be locked.
The early adoption of Office SharePoint Server 2007 will often occur inconsistently in your enterprise as individuals or small teams deploy and start using it. As the use of the product in your enterprise increases, we recommend that your IT department plans and implements a set of well-governed hosting services that makes Office SharePoint Server 2007 available in a controlled way.
Office SharePoint Server 2007 includes customizable features and capabilities across multiple product areas, such as business intelligence, forms, workflow, and content management. However, customization introduces new risks to the stability, maintainability, and security of the Office SharePoint Server environment. To support customization in a controlled manner, develop a customization policy that addresses the following:
The customization tools that are allowed.
The method for handling source code, such as how it will be maintained in a source control system, how it should be documented, and so forth.
Development standards, such as coding best practices.
Testing and verification standards.
Required packaging and installing methods.
The types of customizations supported.
For more information on processes for managing customizations, see the white paper SharePoint Products and Technologies customization policy (http://go.microsoft.com/fwlink/?linkid=92311\&clcid=0x40).
If you are designing an information architecture and set of sites for use across the enterprise, consider including branding in your governance policies. By implementing a branding policy, you help ensure that sites consistently use enterprise imagery, fonts, themes, and other design elements.
Consider a training plan in your governance plans. Although Office SharePoint Server has an intuitive, Web-based interface and includes online help, using and especially administering sites based on Office SharePoint Server can be a challenge to some users. This can be further complicated by the set of capabilities available to various users based on their permissions levels. Additionally, the set of governance policies your IT and business divisions implement may require explanation. By properly training your user community, you can increase satisfaction with your SharePoint implementation and reduce support costs.
Who should determine governance policies?
A successful deployment of Office SharePoint Server must provide the functionality that the enterprise's business divisions require in a way that is manageable and sustainable by the enterprise's IT organization. It therefore requires an ongoing dialog and partnership between IT professionals, business managers, and information workers in the enterprise. To achieve this, effective governance of a deployment of Office SharePoint Server requires the participation of all of these stakeholders in a governance body.
Consider including the following roles when you create the body that will govern your enterprise's Office SharePoint Server services and information architecture:
Executive stakeholders Key executives should define the overall goals of the governance body, provide it with authority, and periodically evaluate the success of the implemented practices and policies.
Financial stakeholders The governance rules and processes should help increase the return on the enterprise’s investment in SharePoint products and technologies. To ensure this, financial officers should participate in the governance body.
IT leaders IT leaders must help develop their service offerings and determine how to achieve their IT responsibilities (such as providing security and maintaining reliability) while providing the features required by the business teams.
Business division leadersBusiness leaders represent the teams that do the primary work of the enterprise and drive the architectural and functional requirements of the Office SharePoint Server deployment. They should help determine the enterprise's information architecture and organizational taxonomy standards and work with the IT leaders to achieve service level agreements and other support policies.
Compliance officers Governance includes ensuring that an enterprise meets its regulatory and legal requirements and manages its corporate knowledge. If your enterprise has roles that are responsible for compliance or legal oversight, include representatives from those disciplines in your governance body.
Development leaders Leaders in your software development organization should help determine what customization tools should be allowed, how to verify code security, and other code-related best practices.
Information workers The members of your organization that do its day to day work should help ensure that the Office SharePoint Server services and information architecture meet their needs.
How should governance be implemented?
Every enterprise is unique and should determine the best way to implement its own governance plan. The following are suggested stages of a governance implementation for your enterprise to consider:
Determine initial principles and goals The governance body should initially develop a governance vision, policies, and standards that can be measured to track compliance and to quantify the benefit to the enterprise. For example, at this stage, the initial corporate metadata taxonomy could be determined along with the initial IT service offerings. The initial principles, goals, and standards should be published and publicized.
Develop an education strategy The governance policies that you determine must be publicized to your enterprise, and you should have ongoing education and training plans. Note that this includes training in the use of Office SharePoint Server and training in the governance standards and practices. For example, your IT department could maintain a frequently asked questions (FAQ) page on its Web site to respond to questions about its Office SharePoint Server service offerings. Your business division could provide online training that describes the implementation and use of the document management system in the enterprise.
Develop an ongoing plan Because successful governance should be ongoing, the governance body should meet regularly. Ongoing activities include incorporating new requirements in the governance plan or reevaluating and adjusting governing principles or standards. Conflicts may need to be resolved as competing needs arise, such as between your IT department and one or more business divisions. Your governance body should report regularly to its executive sponsors to promote accountability and to help enforce compliance across the enterprise. Keep in mind that, although this sounds laborious, the goal is to increase the return on your investment in Office SharePoint Server, maximize the usefulness of your Office SharePoint Server solution, and increase the productivity of your enterprise.
Download this book
This topic is included in the following downloadable book for easier reading and printing:
See the full list of available books at Downloadable content for Office SharePoint Server 2007.