SharePoint Governance Guide Featured Image

SharePoint Governance Guide: How to Implement a Successful Plan

As hubley has grown and our project portfolio has expanded, we stand by everything we have said about why SharePoint projects fail. If you’ve tuned in for any of our earlier conversations on the topic, then you know that a lack of effective SharePoint governance is at the heart of every project’s failure. I wish I could spread the word about good governance and make it stick. Frankly, it would save so much pain and failure. 

Here’s a real-life example of how people (these people) know they should do better but often don’t. 

Every six months, I go to the dentist. My mother focused on this so much during my childhood that I assumed it was part of our religion. Those synapses formed, and my internal clock knew when to expect the “You have an appointment with us!” reminder postcard in the mail. [Hey, dentist, you can save your stamps when it comes to this girl’s mouth.]  

Anyway, at the dentist, the hygienist always asks me, “Do you floss?” and then, “How often?” On occasion, I can proudly exclaim, “Yes!” and “Daily!” and then there are other times I sheepishly answer, “Yeah. Well. Um. I use mouthwash every night. Most nights. Definitely some nights.” 

SharePoint governance is much like flossing. No one wants to do it, and few of us do it often enough, but it’s easy, not to mention necessary for preventing lots of problems. 

The Truth About SharePoint Online Governance 

Many of our clients feel lost when it comes to governance. While Microsoft has plenty of best practices published, these guidelines don’t answer the “why” about SharePoint Online governance, much less explain what it is. The issue our clients face is the question, “But how does this apply to MY business? How do I make this thing go?” 

Like flossing, you have to know how to do it right (no sawing motion with the gums!), and you need to follow a model or established method.  

The Microsoft model is certainly a valuable tool for jumpstarting the creation of your SharePoint governance plan, but it can also leave you with more questions than answers. Fortunately, you can navigate your way through this complex process by leveraging a SharePoint governance plan template.  

Don’t worry; there’s no need to launch your preferred search engine and start scouring the internet for articles with ridiculous analogies. We have all the goofy analogies you need along with plenty of actionable information on SharePoint governance right here. What you’ll find is that SharePoint online governance is far simpler than you predicted before, especially with the right resources at your disposal.  

Starting Your SharePoint Governance Journey 

Governance begins with an understanding of a shared vision for SharePoint use within the enterprise. Develop policies that support this vision. Ask yourselves this: are you looking to strategically add new functionality and enhancements to your SharePoint environment? Or is your main focus to keep it running status quo for now?  

Write down your vision as a start. It’s okay if your vision changes. Governance will change with it. 

Yes, you will need some sort of document with a framework or a Wiki or a SharePoint site with words. Let’s call those words your SharePoint Governance Plan. That plan’s purpose is to support the vision for governance at the time.  

Your plan should include the following components: 

A Map of Your Team Infrastructure 

The “team infrastructure” I mentioned above can also be called the SharePoint Governance Committee (SGC). This committee maintains and updates the governance plan. Because SharePoint is a business tool, its users ultimately own the SharePoint farm or tenant. The committee captures automation, document management, and application opportunities and then prioritizes them with an understanding of the technical and human resources available. 

What are the roles of your SGC members? You need someone in charge of branding rules, someone technical (an architect?), a power user, or a business user. The SGC should not be made up of your IT department. It should be a collaboration between IT and the business. 

But speaking of IT, there is a special role for them. They need to create policies for security, permissions, custom permissions, SharePoint groups, permission inheritance, backup/recovery, and storage/database sizing. All the technical stuff. 

Business users can contribute to policies and procedures on branding/standardization; site creation, archiving, retention, and deletion; and user training (content contributors and visitors). 

An Outline of Your Initial Governing Policies and Procedures 

One of the key responsibilities of your SGC will be to create governing policies and procedures. Creating the final draft of these procedures will take a while, which is why your team should not try to do so from the outset. Instead, they should hammer out the broader details first and refine their list of policies from there. 

For instance, your SGC can start by creating a list of topics or activities that need to be governed, which may include functions like: 

  • Creating content 
  • Installing or updating applications 
  • Onboarding employees 
  • Managing templates 
  • Storing and retaining information
  • Providing ongoing support 

These topics are going to look very familiar as you progress through our SharePoint governance plan template, as each of them needs to be addressed in great detail. Otherwise, your governance strategy will leave your SharePoint assets vulnerable to the same issues that have derailed the projects of so many other organizations. 

Clearly-Defined Creation Processes 

Under default settings, anyone can create groups in Microsoft 365 or upload information to SharePoint, so if you don’t adjust these settings, your SharePoint project will be like the wild west, where governing your staff’s actions will be nearly impossible. 

Therefore, you should restrict user access so that only select team members can engage in self-service creation. As part of the process, you will also need to set group expiration policies on your network. 

During this phase of SharePoint governance planning, consider teaching your staff members about best practices for using the platform. Educating your workforce is a critical part of governance that will help everyone get more out of SharePoint. 

Align Settings Across All Integrations 

SharePoint is designed to integrate with several other Microsoft apps, including Teams. Microsoft allows you to enable governance policies across all these related apps via SharePoint, thereby simplifying governance; however, some of these policies and settings overlap. 

Therefore, if you want to avoid any governance challenges, make sure to review your settings on SharePoint and all integrated apps. If a user has creation capabilities on SharePoint but lacks the same access on Teams or Microsoft 365, make the necessary corrections. 

Retention Policies 

If your organization operates within a closely-regulated industry, like healthcare or finance, it is vital that you set up detailed retention policies. These policies should address the compliance requirements unique to your industry, such as when you can delete data or how long you have to preserve information after expiration deadlines have passed.  

SharePoint retention policies are retroactive, which means your rule set will apply to documents created before the policy was put into place. Not implementing SharePoint retention policies can not only undermine your governance efforts but also expose you to serious fines. 

A Labeling Process 

Establishing an easy-to-adhere-to labeling process is another critical part of SharePoint governance. As its name suggests, it involves creating a procedure for labeling potentially sensitive data, such as personally identifiable information (PII). The process should not only help with classifying data but also with enforcing your cybersecurity protocols. 

Microsoft can assist with the labeling process via Microsoft Purview Information Protection (MPIP). Formerly known as Microsoft Information Protection (MIP), the MPIP solution streamlines the process of discovering, classifying, and safeguarding sensitive data across your entire infrastructure. 

Onboarding Procedures 

As shown by my dental hygiene story, humans have a habit of skirting the rules or ignoring proper procedures when they don’t understand the potential repercussions. Your new hires will follow suit if they aren’t properly brought up to speed on your SharePoint governance strategy. 

With that in mind, you need to introduce a SharePoint governance plan from day one when onboarding new team members. If you immediately introduce them to the concept of SharePoint governance and outline your expectations, they’ll be able to support your initiative. Conversely, if you do not discuss SharePoint governance during onboarding, you will be fighting an uphill battle every time you expand your staff.  

A SharePoint Support Strategy 

What is the process for prioritizing SharePoint requests? Is it based on criticality, impact, ease of use, cost, and whether the request can be built in-house or must be outsourced because of expertise or availability? Sometimes a scoring system is helpful. If that feels too heavy, a simple majority vote also works–as long as your committee members represent a fair cross-section of users and can express their needs. 

Schedule a Demo

Schedule a Demo
Scroll to Top