Wednesday, January 26, 2011

Stopping the Constant Advice Insanity: How to Actually Do Governance Right

Written by Errin O'Connor. Published in SPTechReport on January 26, 2011.

I get a Google alert every day on the news articles posted about Microsoft SharePoint for that day, and without a doubt I will see three or four “Best Practices Governance” or “How to Accomplish Governance”-type articles pop up from many different sources and organizations. I have personally been involved in more than 160 SharePoint projects, and I can tell you that SharePoint governance is something your organization must be prepared to not only take on but also to enforce.

When you're implementing an enterprise Microsoft initiative, everything has a governance item related to it, and the more complex your organization, the more confusing this may become. There are, though, principles and core pillars that you can ingrain in your organization that will ensure SharePoint will be a long-lasting platform for content management and collaboration, and for your Intranet/extranet and workflow requirements.

A properly implemented enterprise SharePoint 2010 deployment can stand up to any solution from companies such as EMC with Documentum and eRoom, and OpenText with Livelink (and save a few million in my client's budget along the way). I am convinced these companies' sales team and mass-marketing campaigns regarding SharePoint and its lack of this or lack of that have concerned and possibly jaded some people regarding Microsoft SharePoint, but really, enough is enough.

It starts with governance, and governance is everything. This means governing your hardware (servers), data centers, content databases, backup and restore strategies, site collections/content database strategies, training, site hierarchy, branding, available templates, charge back models, permission strategies, auditing, and end-user agreements, and holding users and their managers accountable. In the government world of SharePoint, you can add items such as 508 compliance standards, level 1 or top-secret data, or the need for specific configurations to protect sensitive data. In the medical world, throw in HIPAA compliance, FDA Part 11, PHI data, possible integration with Cerner or Epic, and many other factors.

Start with a SharePoint health check and assessment prior to taking on a governance effort, as well to ensure (if you already have a SharePoint implementation prior to implementing a governance initiative) that you can identify and correct things prior to moving forward.
SharePoint customizations need governance, and that includes SharePoint Designer for light to medium development or customization (Tier 1 and Tier 2), and then moving on to true development in SharePoint with Visual Studio 2010 (Tier 3), and how best to manage that code and bring it properly into your organization's environment.

Governance is a bit of a sweet science, but I spend every day having the privilege to work with some of the largest private-sector and government institutions in the U.S. I can tell you it's not about developing a small governance checklist and starting small on one site collection and testing the waters. It's about getting buy-in from IT Management. The ROI for a truly governed Microsoft SharePoint 2010 environment—which can be your ECM/records management, intranet/extranet, or workflow/BPM solution—is something that will not only increase, but the productivity gains can also set your organization apart from your competitors.

SharePoint can not only compete with but replace all other ECM platforms available. It's just about implementing it right the first time.

Errin O'Connor is one of the leading SharePoint architects and evangelists in the United States. He is the founder of EPC Group, a leading SharePoint consulting firm, and is the author of Windows SharePoint Services 3.0 Inside Out (Microsoft Press) and SharePoint Foundation 2010 Inside Out (Microsoft Press / O'Reilly).