Planning for Governance The Key to Successful SharePoint 2010 Solutions Sue Hanley President Susan Hanley LLC
About Me Expertise: knowledge management, information architecture, portals and collaboration solutions with a focus on governance, user adoption, and metrics President, Susan Hanley LLC. Co-Author: Essential SharePoint 2010 and Essential SharePoint 2007 Co-Author: SharePoint 2010 Governance Planning white paper from Microsoft Led national Portals, Collaboration, and Content Management practice for Dell Director of Knowledge Management at American Management Systems http://www.susanhanley.com Mother of three “millennials”
Agenda Why is Governance Planning so Important? Presentation Title Agenda Why is Governance Planning so Important? What are Key Governance Considerations for SharePoint 2010 – What’s New? Top Ten Things To Consider for SharePoint 2010 Governance Planning Summary/Q&A
Presentation Title As we’ve all (hopefully) learned, SharePoint success is not just about technology 20% Support Technology Communications Documentation Solution success is about a lot more than technology, though it’s definitely important to get that right. At most, think of technology as representing maybe 20% of your solution investment time and effort. The rest is about non-technology considerations – and that’s where effective governance planning comes in. So, as I talk about governance today, I’m going to focus on the “non-technology” areas you need to think about in your governance plan. Policies Training Deployment
It’s easy to make mistakes … Presentation Title It’s easy to make mistakes … Not defining policies on what to use SharePoint for (and what not to use it for) Empowering users without appropriate training and guidance Letting users manage security when they have no clue what they are doing Not treating SharePoint like an enterprise application Not treating information like an enterprise asset Not planning for scale and/or growth Not providing SharePoint as a centralized service for the organization Not testing the backup/recovery process
… so it’s especially important to plan! Presentation Title … so it’s especially important to plan! Avoid solution, team site, and content sprawl Ensure that content quality is maintained for the life of the solution Provide a consistently high-quality user experience Establish clear decision making authority and escalation procedures Ensure that the solution strategy is aligned with business objectives Ensure that content is retained in compliance with record retention guidelines Ensure that site designers understand best practices Moreover, it’s especially important to have a Governance Plan for SharePoint solutions because: Many of SharePoint’s capabilities are not ‘required’ or ‘mandated’; users need to understand the value to get the benefit Users can do a lot – we give them “great power” and need to ensure they accept their “great responsibility”
What makes Governance so important for SharePoint 2010? Presentation Title What makes Governance so important for SharePoint 2010? Social computing features means more types of content to govern. New capabilities for sharing metadata across multiple site collections, and even server farms, means additional planning and control in order to leverage. User-friendly records management capabilities introduce an opportunity to create and enforce your records management plan. More opportunities for users to customize their sites with easy-to-apply themes, SharePoint Designer, and the opportunity to create Sandbox Solutions. Users have a far more participatory role in the solution information architecture through the use of tags, bookmarks, and ratings. They need to understand and internalize the value proposition for leveraging these features.
SharePoint 2010 Governance Planning Top Ten Presentation Title SharePoint 2010 Governance Planning Top Ten Identify an Inclusive Team Start with “Framing” Decisions Determine Your Deployment Model Define a Clear Vision Identify Roles and Responsibilities Develop Guiding Principles Decide Your Organizational Comfort Level with Social Computing Define Policies and Standards Document the Plan Socialize and Promote These are not necessarily meant to imply a sequence – but there is some rationale to the order. You’ll most likely go back and re-visit and revise along the way.
1. Getting Started | Be Inclusive Presentation Title 1. Getting Started | Be Inclusive Start with a small team to work on the Framing Decisions Engage a larger governance committee to review decisions IT Training HR Communications Knowledge Management Identify a small team to talk through key “framing decisions” Engage a larger governance committee to review initial decisions IT Training Human Resources Corporate Communications Knowledge Management
2. Start with Framing Decisions Presentation Title 2. Start with Framing Decisions Who will be allowed to set up a new page/site within the existing hierarchy? Who is allowed to manage metadata? For example, change metadata types or metadata values? What processes/roles can we assume for enterprise management of metadata? Who will be allowed to create a new level in the navigation or promote an existing site to the top level of the navigation? Who controls security on pages/sites? What is the default model for access? Can page owners re-design the page/site layout? If yes, how much of the page are they allowed to modify? What kind of “penalties” will be supported for non-compliance with governance standards? How will the Governance Model be updated and maintained? Who is allowed to make changes to the overall branding for the portal? I usually start by identifying some basic decisions that help set the stage for thinking about governance. I call these the “framing” decisions. Obviously, the answers to the questions are important, but what I find is most important is the conversation that each question generates. The answers to these questions don’t have to be permanent – answers can change over time.
3. Determine Your Deployment Model | One Size Does Not Fit All Centrally governed Fewer publishers Broad audience Central Portal Division Portals Groups & Teams Project Workspaces My Sites Note that your model will probably never be this simple. However, this gives you a way to think about your portal sites – how the governance model does not need to be identical for each type of site. One example: Control on Division and Central Portals by Corp comm; “below the line” control by business unit. Security open “above” and restricted below, which means governance does not have to be as strict. Locally governed More publishers More restrictive audience (with the exception of My Sites, which have enterprise-wide audiences)
4. Establish a Clear Vision | Know What You Want to Do! Presentation Title 4. Establish a Clear Vision | Know What You Want to Do! Business Goals, such as: Improve collaboration with partners Share best practices and collaborate across teams with online collaboration workspaces Replace shared drives with searchable, organized document repositories Business Outcomes, such as: Provide easier and more timely access to the information employees need to get their work done Provide easier and more effective mechanisms to move work between business entities Provide an organized "one stop shop" for information by making it easier to find authoritative information Improve the "time to talent," the speed with which new employees become productive Capture knowledge of retiring employees in a collaborative environment A clear vision statement provides critical guidance to the inevitable decision tradeoffs you will need to make in thinking about your Governance Plan. WE NEED TO BE “DOING” ENTERPRISE 2.0 IS NOT A VISION!!!
5. Roles and Responsibilities | Identify the Key Players Presentation Title 5. Roles and Responsibilities | Identify the Key Players It takes a village! Put the right team together… early Use an upgrade as an opportunity to engage Make sure every person in every role understands their responsibilities Don’t assume SharePoint can be managed with existing resources (even if SharePoint is already in place). Getting the right people in place is an important step in the process. Not all the roles need to be “net new.” They may just be different responsibilities for existing roles.
IT Solution Administrator Presentation Title Enterprise Roles Steering Committee Executive Sponsor IT Solution Administrator Business Owner Power Users Community Center of Excellence A role for someone to be in charge of enterprise metadata will depend on whether or not you take advantage of SharePoint 2010 Managed Terms. If you are going to share metadata across the enterprise, someone or some group will need to be responsible. Executive Sponsor - Serves as the executive level champion for the solution. Governance Board/Steering Committee - Serves as a governance body with ultimate responsibility for meeting the goals of the solution. Business Owner - Manages the overall design and functionality integrity of the solution from a business perspective. Solution Administrator (Technology) - Manages the overall design and functional integrity of the solution from a technology perspective. Works in partnership with the Business Owner. Technology Support Team - Ensures the technical integrity of the solution. Metadata Steering Committee/Content Steward - While some large organizations may already have an individual or group serving in this role, SharePoint 2010’s enterprise content capabilities require an overall metadata management plan and an individual or team responsible for maintaining the metadata dictionary over the life of the solution. Center of Excellence - Provides coaching and design consulting to new users who have full control design privileges to ensure that best practices are followed and that the appropriate SharePoint features are applied in individual sites or site collections. Power Users Community of Practice - Supports the successful deployment of SharePoint in the organization by sharing best practices and lessons learned in a Community of Practice team site. Members serve as SharePoint advocates and change agents. Metadata Manager Technology Support
Presentation Title Site Roles SPONSOR Approves request for site, ultimately accountable for content SITE USERS SITE STEWARD/ MANAGER Manages the site day-to-day. Monitors site security. Serves as content steward. MEMBER Uses site to access and share information. Has the ability to contribute content to the site. VISITOR Has “read only” permissions on the site.. SITE DESIGNER Follows best practices to create site design and security plan Site Sponsor: Serves as the centralized, primary role for ensuring that content for a particular page or site is properly collected, reviewed, published, and maintained over time. The Site Sponsor is an expert in the content that is showcased on the site or page. Site Manager/Site Contact: Manages the site day-to-day by executing the functions required to ensure that the content on the site or page is accurate and relevant, including records retention codes. Monitors site security to ensure that the security model for the site matches the goals of the business and Site Sponsor/Owner and support users of the site by serving as the primary identified contact point for the site. Acts as the Content Steward for the sites for which they are responsible. Site Designer: In an environment where site design is delegated to business users, creates and maintains the site (or site collection) design. Follows design best practices and guiding principles to ensure that even sites with limited access are optimized for end user value. Defines and executes the security plan for the site. Users: Uses the solution to access and share information. Users may have different access permissions in different areas of the solution, sometimes acting as a Contributor (content producer) and other times acting as a Visitor (content consumer).
6. Develop Guiding Principles Presentation Title 6. Develop Guiding Principles Define organizational preferences that support the vision Reflect best practices Make them memorable – your goal is to have users internalize these statements. Several types: General Security Design Content I often use “snarky” tag lines to help ensure that users remember the principles.
Example Guiding Principles Presentation Title Example Guiding Principles Guiding Principle Remember … Even though SharePoint may be a new vehicle for collaboration, SharePoint content is governed by all general policies pertaining to the use of IT resources, including privacy, copyright, records retention, confidentiality, document security, etc. Existing rules still apply—would you want your mother/customer/client to see this picture? Should your mother/customer/client be able to see this content? Do we really own this content? Design to minimize training requirements for end users: Use the best (and simplest) feature for each business objective. Just because you can doesn’t mean you should. You don’t really need to try every new feature! All sites or pages must have a clearly identified content owner. Make it obvious who owns the content on all pages and sites. Site Sponsors/Owners are accountable, but everyone owns the responsibility for content management. We’re all responsible for content management.
7. Think About Social Computing – What “fits”? Presentation Title 7. Think About Social Computing – What “fits”? What does “social” computing/software/Web 2.0 mean to your executives? Make sure you know! The absolute worst way to get started: “We should be doing Web 2.0” “The ‘millennials’ expect it.” There is only one good reason to enable social computing features: You have a business problem to solve. While you’re thinking improved collaboration and knowledge sharing, executives are thinking about “time wasting activities” like Facebook and fantasy football. Are their fears real? Maybe, especially if they read the article in the October 26, 2009 issue of Computerworld reporting a UK study that said that employees using Twitter, Facebook, and other social networks in the office are costing UK businesses more than $2.25 billion in lost productivity. Gaudin, Sharon. “Study: Facebook, Twitter Use at Work Costs Big Bucks.” Computerworld.com. 26 October 2009. Web 20 December 2009. http://www.computerworld.com/s/article/9139902/Study_Facebook_Twitter_use_at_work_costs_big_bucks Sure, leveraging community features might help attract new talent to the organization, but the features still need appropriate context and organizational support. Even more importantly, it's not about the tools themselves that helps organizations get business results, it's what the tools let users do to solve real business problems. If you are not already leveraging this type of technology in your organization, you need to approach the community features in SharePoint the same way you would approach any other project involving an emerging technology or one that is new to your organization: you need to have a business problem to solve.
Getting Social: Planning the use of SharePoint 2010 Community Features Presentation Title Getting Social: Planning the use of SharePoint 2010 Community Features Clearly Identify the Business Problem Identify Use Cases Be Prepared to Respond to Barriers Define Your Governance Plan Define a “Do-able” Pilot Project Prepare a Launch and Communications Plan This is a slight diversion from the main point of this presentation – but if you are going to get this right, you need to think about how you are going to deploy these features – and governance is just part of the challenge. Refer to Chapter 8: Essential SharePoint 2010. I worked really hard on this chapter and there is a lot of really helpful advice in there – a bargain at under $30!
Social Computing Governance Considerations Presentation Title Social Computing Governance Considerations Don’t allow users to post anonymous content on your intranet – own it! “Owning” your content on the intranet helps ensure that everyone plays by the rules and makes it very easy to ensure that governance policies are followed. My Sites What is your organization comfortable with sharing? Birthdays? (If HR or Legal is uncomfortable, what about “opt in?”) Other “personal” information? Set expectations about status updates. Don’t assume everyone knows what is appropriate. “Narrate your work.” Set expectations for “Ask Me About.” What skills are relevant? How well do you have to know about something? Ratings: be clear about what you are asking people to rate Tags: let them be personal, but provide good examples Some considerations are new for SharePoint 2010 so it’s something that you should start thinking about now as you think about how you will leverage SharePoint 2010 in your organization. One potential barrier I often hear: If we allow people to post anything they want in their profile or on their blog, they may talk about inappropriate topics or about other people or about information that can’t or shouldn't be universally shared. As a general rule, most people will do the right thing when it comes to sharing online. One of the reasons that you may see a “flame war” on the public internet is that people are often anonymous on the internet and can hide behind pseudonyms. This is not the case inside the organization where a general best practice is to ensure that all users “own” their comments and content. It would defeat the purpose of connecting people to other people inside the organization if anonymous contributions were the norm. Even if contributions are allowed to be anonymous in some circumstances, it is almost always possible that at least the system administrator will be able to see who is posting what content. With a documented policy and user names associated with content, this barrier becomes much less of a real risk. Model for determining degree of expertise: Knows About – You have information about the subject and can help direct inquiries. (Use only for an emerging or under- represented technology or practice.) Functional – You have used the discipline and can apply it to moderately complex problems. Advanced – You have used the discipline extensively and can assist others in applying it to complex problems. Expert – You are experienced in all aspects of the discipline and are able to develop creative solutions to complex problems. You can educate others Ratings are more controversial and probably deserve more thorough attention in your Governance Plan. Microsoft created an internal knowledge base for employees to share intellectual property (IP) with their colleagues. They enabled ratings on the site but at first, people were reluctant to apply the ratings because they felt that the ratings were about rating their colleagues, not the work, and people were reluctant to rate. Eventually, the deployment team changed the guidance around rating and asked users to rate "is this content IP?" rather than the implied "what do you think about this content?" (which users interpreted as "what do you think about this author?"). The change in direction gave users permission and guidance to be more subjective about what they were rating and participation increased. Social tags allow users to add their own personal metadata to content in the solution, which supplements the authoritative content assigned by content owners. Users can say "I like it" by simply selecting the content they want to tag and clicking the "I Like It" smiley face tag in the upper right hand corner of the page or they can add their own personal terms by clicking the "Tags and Notes" icon. The tag might describe what the content contains or what it does or just the user's personal term for the topic covered by the content. Since these tags are intended to be personal, you don't want your Governance Plan to be overly directive about what users should do. However, since social tags can have an impact on search (they can boost search results and are displayed in the refinement panel in search results), you should provide examples of meaningful tags on your organization's content so that users understand their value and how they work.
8. Define Policies and Standards Presentation Title 8. Define Policies and Standards Policies define rules for SharePoint use Usually driven by statutory, regulatory, or organizational requirements Users are expected to meet policies without deviation Standards describe best practices Usually established to encourage consistent practices Users may adopt the some elements of the standard that work for them while not implementing others Verify that your SharePoint polices and standards do not conflict with broader organizational polices. Publish policies and standards where users can easily find and follow them. Some policies may need to be published to all readers, while others may need to be secured to protect the integrity of the application. Regularly review and revise policies and standards to keep them aligned to organizational needs.
Examples of Policies and Standards Presentation Title Examples of Policies and Standards Content Posting content to existing pages or sites Posting content to the home page Content auditing and review Records retention Design Creating new sub-sites Page layout and organization Content types and metadata Content-specific guidelines/policies Security Branding Lots of detailed examples in: http://www.susanhanley.com/sitebuildercontent/sitebuilderfiles/chapter04planningforgovernance.pdf
9. Document the Plan Make it “consumable” Keep it alive! Include: Presentation Title 9. Document the Plan Make it “consumable” Keep it alive! Include: Vision statement Roles and responsibilities Guiding principles Policies and standards
Governance Plan Example Four audience-targeted sections Supplemented with “cheat sheets,” guides, lists, and stuff “Training” on main topics Name Description Primary Audience 1 Guiding Principles Governance overview, including description of roles and responsibilities and overall governance model All Users 2 Content Standards and Guidelines Overview of standards and best practices for publishing Users with Content Contribution privileges 3 Design Standards and Guidelines Overview of standards and best practices for site design Users with Site Design privileges (Site Designers) 4 Operations Policies Operational guidelines, including a description of the operational environments Portal Administrators
10. Socialize and Promote It’s not enough to just write it down Presentation Title 10. Socialize and Promote It’s not enough to just write it down Find champions Communicate persistently – use “serious anecdotes” to drive home the value proposition Be responsive to feedback Get a champion: key executive who “refused” to acknowledge an e-mail with an attachment
Summary Presentation Title Establish a Governance Plan to ensure quality and relevance of content and to ensure that all users understand their roles and responsibilities. Keep your governance model simple. Solutions need a strong governance model, but they don’t need complicated models with lots of bureaucracy. Don’t make the solution itself more complicated than it needs to be. Be careful about “over designing.” Just because SharePoint has a cool feature doesn’t mean that you need to deploy it—at least not right away. Ensure that all users with design or full control privileges have internalized your design guiding principles and that content contributors understand guiding principles related to content. Think about how you will ensure compliance with your Governance Plan over time, particularly for highly visible sites. An effective Governance Plan doesn’t have to constrain every move—it has to provide guidance to users to ensure that your solution remains effective and vibrant over time.
Resources Microsoft site summarizing governance resources for SharePoint 2010 http://technet.microsoft.com/en-us/sharepoint/ff800826.aspx
Please be sure to fill out your session evaluation! Thank YOU! Please be sure to fill out your session evaluation!