Skip to main content

Goodness gracious, it's governance!

  • sharepoint

“Enough already with governance!”  I hear you groan.

Yes, I do realise this has been one of the hot topics of 2010 (the year and the version of SharePoint).
Yes, I know it’s just about been done to death in the blogosphere and conferences, as well as books, whitepapers, resource centers, etc.
But no, a Top 10 series on success with SharePoint simply cannot omit it, so here we go…

Why is governing SharePoint still so difficult in practice? Why is good advice proliferating, but apparently without giving rise to equally abundant excellent working examples in the real world?

Why am I still hearing businesses regularly describe deep SharePoint pain that can be directly attributed to poor governance?

Questionable Thinking 1: We’re too small / mature / |LS|choose your own adjective|RS| to need governance

It’s your choice. But even small organisations are quite capable of producing terabytes of data and hundreds, if not thousands, of SharePoint sites in an astonishingly short time. Large and mature companies still seem to end up with thousands of pages on their websites or intranets that haven’t been reviewed in years.  In your business, is SharePoint trying to coexist with other enterprise systems that do some of the same things?  Then there’s a very real risk of the promise that “everything will be so well structured and maintained, and so easy to find once we get SharePoint” being quickly eroded, no matter what your profile.  Fights break out over matters big and small – such as who simply must not have access to SharePoint Designer, or who can have it but what they must not do once they get hold of it.  Are you sure you don’t need governance?

Think again:

I came across the following on a blog the other day. I’ve augmented it only a little, and it’s as good a list as any to prompt thinking about if and when governance is needed for your SharePoint deployment:

In my SharePoint governance classes I often say that you should not release a SharePoint feature until you have a plan for it…

  • is governance required (is there risk through misuse and if so, what is the potential impact)?
  • who will own, support and maintain it?
  • how will you inform and train users?
  • what’s the impact on performance (both business and systems)?


Questionable Thinking 2: Our Project Governance was faultless so we’ll just carry on with that

Strong project governance is undeniably important while you’re deploying SharePoint (see Tip #2). But is the Steering Committee – being typically comprised of senior stakeholders and decision makers – the right group to take SharePoint forward into operational mode?

Think again:

After the champagne and launch celebrations, the long and sometimes hard slog of governing SharePoint becomes vitally important – keeping the environment’s use and development aligned to the original strategic need, ensuring the organisation continues to gain value from the investment, that SharePoint is maintained robustly and managed well for all constituents, and the platform is further enhanced over time in response to business needs.  While senior management obviously has an important role to play in achieving these objectives, a collaborative governance group or forum should be formed, comprising representatives from across the business, ideally at all levels of the hierarchy, for ongoing governance to be effective.

Questionable Thinking 3: We have a comprehensive written Governance Plan, so we’re sorted

It’s easy enough to write a plan.  There are lots of examples just a search away, and a couple of them are even quite good.  Some consultants make a good living from SharePoint governance; write a plan, hand over a document, walk away and don’t look. Job done?

Think again:

I do believe a written Governance Plan is essential – as long as it’s not a templated exercise but is carefully developed to suit the organisation’s objectives, culture, resources, staff and customers.  Joel Mr SharePoint Olsen has also rightly noted that a SharePoint governance plan should be a ‘living’ document and he should know, having developed the original sample SharePoint governance plan for Microsoft back in the days of 2007, and written extensively on the subject ever since.  Like some of my peers, I advocate using a SharePoint wiki to capture the governance documentation.  I’ve done this myself, and found it’s an easy and effective way of structuring and presenting the content, it’s reasonably straightforward for multiple stakeholders to maintain, and it’s very easy to link to specific sections of the plan from other sites or pages when it’s relevant to do so – for example, from a New Site Request form you might link to the Ts & Cs that Site Owners are expected to adhere to.

But no matter how great your written plan is, it’s just the beginning and it’s not much more than that.  How many people read plans?  And how many of those actually adhere to them?  The hard work is taking the plan and turning it into operational reality. And ensuring it keeps working over time.  That needs clear ownership, accountability and commitment from senior management.  It requires active cooperation between IT and business stakeholders. The right roles need to be accountable for appropriate facets of the governance framework. Understanding, agreement and compliance won’t happen because you’ve written something down.

Questionable Thinking 4: Isn’t governance IT’s concern?

Well, no.  In the SharePoint 2007 days, there was a plethora of blog posts about governance that were almost exclusively technical.  Paragraphs and paragraphs were written about quota management, and content database sizes, monitoring plans and SSP delegation rules, and blah blah blah.  I don’t mean to be dismissive – it’s an important fact that there are many technical aspects to governing SharePoint well that demand careful attention.  I’m just saying that a platform like SharePoint, which seeks to ‘empower’ the information worker – that is, give human beings tools to work in new and better ways – involves much more than technical assurance. If your governance plan focuses exclusively on managing the technology layer it won’t contribute greatly to success with SharePoint.

Think again:

These days, most of us have moved on from that somewhat limited view, and understand that SharePoint governance has a significant business dimension.  When SharePoint governance focuses on the users and aligns with business value and services it is more likely to be effective. And even more so, I suspect, when integrated into a holistic business governance framework, rather than tackled as a standalone.  Does anyone have governance plans for Microsoft Exchange or Office?   So while just doing “SharePoint governance” is undoubtedly better than doing nothing, we should be thinking about why SharePoint has been deployed for the business and how it fits into that organisation’s collaboration, information management or web content management ecosystem. Then we should be framing and contextualizing its governance accordingly.

Questionable Thinking 5: Governance = rules

Here are a few typical rules that you’ll find in many a SharePoint governance plan:

“We enforce formal requests for all new Sites, Wikis and Blogs. A manager’s authorisation is mandatory, as is a business justification.”
“Only IT personnel can have Site Collection Administration access.”
“No staff will be granted SharePoint Designer access unless they have been fully trained and certified.”
“Site Owners are granted full control permissions by exception only. They must sign an agreement acknowledging they take full responsibility and exercise the permission level at their own risk.”
“Site Owners are not permitted to apply themes to their sites.”
“Private My Sites will not made available to staff.”
“Employees may not edit their own profiles. Any request for changes to profile information must be sent  to HR.”
“All comments on the CEO’s internal blog will be moderated, and commenters will be identified by name.”
“Requests to recover or restore deleted or corrupted sites will be charged back to the requestor’s cost centre.”

Each and all of these may be entirely appropriate in a given organisation. Then again, they may not. In some business contexts or for some staff too many rules with an admonitory tone and restrictive intent may nip interest in SharePoint in the bud. Certainly there are enough dire warnings and real-world case studies of SharePoint environments that have devolved into a terrible mess to frighten any administrator into immediate lock-down mode. I’ve worked on some such environments myself and written my share of restrictive rules too. Even so, it’s very important to weigh up the costs and benefits of each rule before you rush to command and control at the outset. More sticks than carrots will engender certain behaviours, so be sure your legislation is producing the behaviours you really do want to manifest.

Think again:

Written and legislated well, rules do help all users in the same way effective government and social policies create agreeable societies in which citizens are able to pursue their own goals while contributing to the collective benefit of society. The police (dare I call them IT?) help ensure a lawful, ordered space for citizens (SharePoint users) to participate effectively.  But law and order shouldn’t be allowed to tip over into a regime. Citizens need some rules sure, but balanced with freedom and power to own their workspace and contribute meaningfully, or they’ll find ways – legal and illegal, explicit and subversive – to rebel.   Like sticking with C: drives and flash drives and email for instance.

I’ve probably stretched the societal metaphor about as far as it will go, but the point is that rules are important for SharePoint success when there are “just enough” and they’re somewhat in the background. Rules are never the heart and soul of an effective SharePoint community and they shouldn’t be too much in the foreground, too prescriptive or too numerous, or users will be frustrated, discouraged or alienated.

Questionable Thinking 6: Rules don’t work for us: our approach to governance is all about our vision

A governance framework that aligns to your vision for SharePoint is no bad thing.  And ideally the flip side of the coin will involve measuring how you’re tracking in achieving this vision and making adjustments as necessary.  Steering with governance, not commanding.  But let’s acknowledge that vision statements and visionary governance are unlikely to direct individual behaviour, don’t clarify who does what, probably won’t encourage uptake, and almost never contribute to strong compliance in and of themselves.


Think again:

When you set out to establish a governance framework for your SharePoint environment, be clear on its fundamental intent.  Governance, like it or not, is more about rules and responsibilities to support the common good than it is about striving for a shared vision.  Governance is not user adoption and it doesn’t explicitly support and assist individual staff in their use of SharePoint (even as it assists the organisation as a whole).   That’s the job of Change Management (see Tip # 7).  So align governance with the business vision certainly, but don’t try to make governance become the catch-all for anything and everything to do with making SharePoint work.

What makes good governance for Sharepoint?

A successful, functioning governance framework is likely to be:

  • Actively and regularly ‘steered’ by a formal, collaborative group comprising broad stakeholder representation, inclusive of IT and the business
  • Documented
    But not to the nth degree
  • Simple, based around broad guiding principles suited to the organizational profile, clear on roles and accountability, and light on low-level prescriptive rules
    But ideally it will clarify the typically problematic ‘grey areas’ re IT and business ownership of SharePoint – e.g. who makes the call on SharePoint development and customisation requests?
  • Inclusive and focused as much (if not more) on the business as on IT and the technology
  • Flexible and responsive to changing business needs
    E.g. If a rigid new site request process with mandatory approvals and justifications is keeping users away in droves, rethink it
  • Ideally, part of wider, holistic business governance and aligned with relevant functions and services

Need help?

If you’re in Australia, contact Chamonix   Otherwise, there are some excellent blogs and articles on governance in SharePoint and in general, so as is my wont  I’m going to list my favourites for the benefit of anyone who wants or needs to deep dive into this topic:

Summing Up

  • Governance is about as exciting as housework, but just as necessary for an enjoyable, orderly environment where everyone can work optimally
  • Don’t govern SharePoint and you can probably expect content anarchy or what some call the ‘wild west’.  But govern it too restrictively and you can expect user frustration, disenchantment or even complete avoidance
  • Ensure your governance framework is actively steered, documented, simple, inclusive and collaborative, flexible and aligned to the business