What is Corporate Governance?
Governance is the set of policies, roles, responsibilities, and processes that you establish in your enterprise to guide, direct, and control how it uses technologies to accomplish business goals. Deploying Microsoft Office SharePoint Server 2007 in your enterprise provides rich new capabilities such as online collaboration, document management, business intelligence, and Web publishing. To strike the right balance between the needs of the users of Office SharePoint Server 2007 and the IT professionals who deploy and operate it, iLink can help you create and enforce rules that govern the use of Office SharePoint Server in the enterprise.
Effective governance anticipates the needs and goals of both your organization's IT teams and its business divisions. Governance also provides policies and guidelines that make the deployment of products and technologies such as Microsoft Office SharePoint Server 2007 both manageable for IT and also effective as a business tool. Governance can help protect your enterprise from security threats or non-compliance liability. It can also help ensure the best return on your investment in technologies, such as by enforcing best practices in content management or information architecture.
Areas of Governance:
Effectively designed Information Architecture is a key contributor to an enterprise's efficiency and effectiveness is how quickly and accurately its information workers can find and use content and data. Information architecture should strive to meet the regulatory requirements, privacy needs, and security and business goals of the enterprise.
Without properly designed and governed information architecture, an enterprise's effectiveness can be diminished. For example:
- Inconsistent use of metadata can make it difficult to search for and compare related items of information.
- Poorly designed and managed storage of content can cause a proliferation of duplicate versions of documents. As a result, users cannot identify the authoritative version.
- Poorly cataloged and managed storage of data can cause decision-makers to use the wrong data.
- Poorly designed portal navigation can make it difficult to find work-critical sites and information.
- Poorly presented information can reduce the ability of some users to access the information.
A common problem in an enterprise is the proliferation of individually managed Web servers running Windows SharePoint Services 3.0 or Office SharePoint Server 2007. Although it is inevitable that individual teams will drive the adoption of one or more SharePoint products and technologies, ungoverned adoption can cause problems. For example:
- Each server can become an island of information, forming a patchwork of sites that lack a common search index, navigation, or security scheme.
- Some servers may host applications that are insecure and that compromise the enterprise.
- Poorly trained users may create requests for support on local servers that are unknown to the support team.
- Critical activities like regulatory compliance may be administered inconsistently across servers.
- Regular maintenance activities, such as backing up and restoring data and installing product updates, may not be done correctly because of poor training or because servers are not configured consistently.
- Site owners may switch teams or leave the enterprise, making it unclear who owns content or causing sites to be locked.
- The early adoption of Office SharePoint Server 2007 will often occur inconsistently in your enterprise as individuals or small teams deploy and start using it. As the use of the product in your enterprise increases, we recommend that your IT department plans and implements a set of well-governed hosting services that makes Office SharePoint Server 2007 available in a controlled way.
Following roles will be considered when creating a body that will govern your enterprise's Office SharePoint Server services and information architecture:
- Executive stakeholders Key executives should define the overall goals of the governance body, provide it with authority, and periodically evaluate the success of the implemented practices and policies.
- Financial stakeholders The governance rules and processes should help increase the return on the enterprise’s investment in SharePoint products and technologies. To ensure this, financial officers should participate in the governance body.
- IT leaders IT leaders must help develop their service offerings and determine how to achieve their IT responsibilities (such as providing security and maintaining reliability) while providing the features required by the business teams.
- Business division leaders Business leaders represent the teams that do the primary work of the enterprise and drive the architectural and functional requirements of the Office SharePoint Server deployment. They should help determine the enterprise's information architecture and organizational taxonomy standards and work with the IT leaders to achieve service level agreements and other support policies.
- Compliance officers Governance includes ensuring that an enterprise meets its regulatory and legal requirements and manages its corporate knowledge. If your enterprise has roles that are responsible for compliance or legal oversight, include representatives from those disciplines in your governance body.
- Development leaders Leaders in your software development organization should help determine what customization tools should be allowed, how to verify code security, and other code-related best practices.
- Information workers The members of your organization that do its day to day work should help ensure that the Office SharePoint Server services and information architecture meet their needs.
Office SharePoint Server 2007 includes customizable features and capabilities across multiple product areas, such as business intelligence, forms, workflow, and content management. However, customization introduces new risks to the stability, maintainability, and security of the Office SharePoint Server environment. To support customization in a controlled manner, develop a customization policy that addresses the following:
- The customization tools that are allowed.
- The method for handling source code, such as how it will be maintained in a source control system, how it should be documented, and so forth.
- Development standards, such as coding best practices.
- Testing and verification standards.
- Required packaging and installing methods.
- The types of customizations supported.
Branding & Training
If you are designing an information architecture and set of sites for use across the enterprise, consider including branding in your governance policies. By implementing a branding policy, you help ensure that sites consistently use enterprise imagery, fonts, themes, and other design elements.
Consider a training plan in your governance plans. Although Office SharePoint Server has an intuitive, Web-based interface and includes online help, using and especially administering sites based on Office SharePoint Server can be a challenge to some users. This can be further complicated by the set of capabilities available to various users based on their permissions levels. Additionally, the set of governance policies your IT and business divisions implement may require explanation. By properly training your user community, you can increase satisfaction with your SharePoint implementation and reduce support costs.