I have written a few posts previously about Governance. It is one aspect that shall never be ignored by organizations when setting up SharePoint, Teams, and Microsoft 365. In this article, I would like to summarize the four major components/elements that make up SharePoint Governance, such that you can start putting the framework together within your organization on how to best set it up.
Governance Component # 1: Policy Definition
The first component of Governance is the Policy Definition. It can be achieved and is made up of two elements.
- Governance Document
- Governance Committee
This could be a dedicated Governance Document you will put together or an outline of generic “rules of engagement.” Something that will capture what is and what is not allowed within the Microsoft 365 eco-system. Examples of these could be whether or not external sharing is permitted. Or if the sites should all stick to the same look and feel, branding guidelines, etc. Or if users can create their own Teams and SharePoint Sites or if they have to go through a formal approval process.
I developed a template some time ago that you can use to start putting the Governance document together for your organization. The template is a bit outdated since, from the time I posted it, Microsoft made many improvements and added additional features within SharePoint, Teams, etc., but for the most part, it is still valid. I would say use it as a starting point. You may download the free SharePoint Governance template here.
Governance Committee is the body that will ultimately decide what goes into the Governance Document and is responsible for its content, updates, and critical decision-making. I recommend an 80/20 Business to IT ratio. At the end of the day, Business owns the content, and IT serves as just the body implementing the policy and various settings.
Governance Component # 2: Configuration
The second component of SharePoint Governance is the Configuration itself (per the Governance Document). This is where you address the decisions made by the Governance Committee and documented within the Governance Document. Examples of Configuration could be the configuration of external sharing settings within the SharePoint Admin Center, the configuration of global metadata terms within the Term Store or global Content Types within the Content Type Gallery, creating proper Site theme/branding, etc.
One other area that IT might configure is the Compliance and Retention Policies.
Governance Component # 3: User Awareness
The third element that makes SharePoint Governance successful is User Awareness. You can document the hell out of the SharePoint Governance Document, but if users are not aware of it and not familiar with some of the rules of the engagement, it is useless. So some sort of Corporate training is necessary on the tools themselves (SharePoint, Teams), but equally important – the rules of engagement are documented in the Governance Document. For example, is it OK to load certain file types into SharePoint? Is it OK to sync client sites locally to a computer? Is it OK to share some content externally? Where should all the official documents/templates be stored?
Make sure not to take any shortcuts and omit this crucial step.
Governance Component # 4: Monitor and Control
The last but not the least of the four components of SharePoint Governance is Monitor & Control. So you created your Governance Document, configured all the settings, and trained everyone too, but now what? Well, now is the time to see how everything works and adjust. You can do so by doing proper Monitor and Control. Typically this would be done via reports generated by IT from the Microsoft 365 Admin Center. You can analyze Audit Logs, Site Usage Reports, and perhaps even utilize some third-party tools as well.
And, of course, based on the findings, you can adjust the Governance document and settings as necessary.