Beyond the Buzzwords: Implementing End-to-End SharePoint Governance and Compliance

Implementing End-to-End SharePoint Governance and Compliance

Dan HolmeMicrosoft Technologies Analyst & EvangelistMVP, SharePoint Server

danholme http://tiny.cc/[email protected]

ConsultantDan Holme

Dan Holme

INTELLIEM AuthorMAUI, HAWAIIAvePoint

danholme http://tiny.cc/[email protected]

http://www.amazon.com/gp/product/images/0735638853/ref=dp_image_0?ie=UTF8&n=283155&s=books

How do we implement effective, reliable, and compliant service delivery (for SharePoint)?

Governance

SharePoint Doesn’t

Matter

Business Matters

Business Outcomes

ServiceDelivery

GOVERNANCE

Governance is the set of policies, roles, responsibilities, and processes that guide, direct, and control how an organization's business divisions and IT teams cooperate to achieve business goals.

Governance

Define

Design Develop

Deploy

Manage

Measure

Modify

Change

Operations

Business Outcomes

ServiceDelivery

People

Process

Policy

People

Process

Policy

Innovation

Roles of GovernanceManage innovationDefine business needEnumerate business & technical “requirements”Identify risks vs. rewards; costs vs. benefitsAssign roles and responsibilitiesManage development of solution

Manage changeDeployment of solutionUser adoption of solution

Manage operationsDefine policies to which the service is managedVerify performance

Perfect 10

1. Identify Business Need

Define the Business NeedQuestion Identifies

What are we trying to achieve?

Outcomes

Why does it matter? Business Value

To whom does it matter? Politics

How do we know it worked? Metrics

Guidance: Identify Business NeedEstablish channels to identify needAssign responsibility for analyzing needDefine business needOutcomesBusiness valuePoliticsMetrics

2. Determine Feasibility

Define Business CaseQuestion Identifies

What is the business need? Benefit

Can it be delivered today? Suitability

What would it take to deliver? Cost

What could go wrong? Risk

Guidance: Determine FeasibilityEstablish processes to determine feasibilityAssign roles & responsibilitiesDocument business case for solutionBenefitSuitabilityCostRisk

Approve the business case

3. Establish a Project

The D’sDefine the solutionDesired outcomesStandardsPolicies

Design the solutionTechnical requirementsDesign specification

Develop the solutionBuild in iterationsValidation

Deploy the solutionDelegate to operations

Define

Design

Develop

Deploy

Delegate

Guidance: Establish a ProjectDetermine how you will progress through “The D’s”Assign responsibilities for project management

4. Architect the Solution

BusinessOutcomes

TechnicalConsiderations

InformationClassification

Information Management

Policies

ServiceArchitecture

InformationArchitecture


Standards

Service Management

Policies

FunctionalPreferences

InformationManagementArchitecture

FunctionalDesign

Project ConstraintsBudget, Timeframe, Resources

Guidance: Architect for ComplianceEstablish policyIdentify scopes and controls that enforce policy

Logical ArchitectureFarm

Web AppService

AppZone

Content DB

Site collection

Site

List / Library

[Folder]

Item / Document

Tenancy

Farm

Farm

TEAMS

Content DB

Site collection

Project B

Site collection

Project A

Scope(Top Level Site)

Control(ACL)

Control(Site Collection Admins)

Scope(Site Collection)

POLICY:OWNERSHIP

POLICY:ACCESS

Farm

TEAMS

Content DB

Control(Farm Architecture)

Scope(Farm)

POLICY:99.9% Uptime

Guidance: Architect for ComplianceEstablish policyIdentify scopes and controls that enforce policyMeasure cost of enforcement vs. risk of non-enforcement: The Two ROI’s™Return on InvestmentRisk of Inaction

Document the riskWhere service architecture doesn’t support “requirements”, there is risk

Bubble up the risk

Definition to DesignBusiness

Outcomes




Policies

ServiceArchitecture



Standards

Service Management

Policies



FunctionalDesign


DesignDefine


Outcomes





Outcomes






Information Architecture

Describe contentMetadataContent types

Content findabilitySite mapSearch optimization

Facilitate information management

Definition to DesignInformation ManagementPOLICIES

Security (Permissions)Compliance (Records)Lifecycle Management

CaptureStoreDeliverPreserveDelete

http://www.avepoint.com/assets/pdf/solution_briefs/Enterprise_Content_Management.pdf

BusinessOutcomes




Policies



Standards



Definition to DesignService ManagementPOLICIES

Uptime (availability)Data protection (integrity)

Content recovery

Business continuityDisaster recovery

PerformanceStorageInteroperability

BusinessOutcomes




Policies



Standards

Service Management

Policies



Definition to DesignArchitecture Design Specifications

BusinessOutcomes




Policies

ServiceArchitecture



Standards

Service Management

Policies





Outcomes




Policies

ServiceArchitecture



Standards

Service Management

Policies



FunctionalDesign


Definition to DesignProcessSpecifications

Decision track-backThe inputWho drove itWhy it mattersHow it will be measured

It’s a system

Solicited

Derived

BusinessOutcomes




Policies

ServiceArchitecture



Standards

Service Management

Policies



FunctionalDesign


BusinessOutcomes




Policies

ServiceArchitecture



Standards

Service Management

Policies



FunctionalDesign


Definition to Design

Critical!SharePoint expertise required


Outcomes




Policies

ServiceArchitecture



Standards

Service Management

Policies



FunctionalDesign


Define

Design

Business

Outcomes

Technical

Considerations

Information

Classification

Information

Management

Policies

Service

Architecture

Information

Architecture

Information

Management

Standards

Service

Management

PoliciesFunctional

Preferences

Information

Management

Architecture

Functional

Design

Project Constraints

Budget, Timeframe, Resources

http://tiny.cc/danholmearchitecturevideo

5. Develop the Solution

Delegate

The R’sDefine the solutionDesign the solutionDevelop the solutionReleaseRefine requirementsRevisit designRevise solutionRepeat


Define

Design

Develop

DeployRefine

Revisit

Revise

Release

The D’s and R’sDefine the solutionDesign the solutionDevelop the solutionReleaseRefine requirementsRevisit designRevise solutionRepeat


Project Lifecycle

Development Lifecycle

Delegate

Guidance: Develop the SolutionDevelop in iterationsProject management keeps things on track

The Messy Reality BusinessOutcomes




Policies

ServiceArchitecture



Standards

Service Management

Policies



FunctionalDesign


1 2 3

4

OutcomesBusiness valuePoliticsMetrics

BenefitSuitabilityCostRisk

5

6. Deploy the Solution

Development Test Staging

Production

Application deployment and revisionsCustomization deployment and revisionsContent deployment / content publishing

Guidance: Deploy the SolutionEstablish application lifecycle managementPoliciesProceduresRoles & responsibilities

Establish lifecycle management for customizations & content

7. Drive User Adoption

Guidance: Drive User AdoptionEmbed the userMarket the solutionSolve user-perceived pain while solving business goalsBranding matters

Train and messageDon’t train users to use SharePointEvangelize the whyTrain users how to achieve the requirements of the solutionEquip users to discover the what else

www.sharepoint-videos.comwww.sharepointshepherd.com

http://www.sharepoint-videos.com/

http://www.sharepointshepherd.com/

8. Optimize Operations

Operations Management and Improvement

Document• Inputs

(Requests)• Outputs

(Changes)• Operational

Procedures

Measure• SLAs Achieved• Costs of

Operations

Identify• Time Consuming• Complex• Critical• Compliant

Automate• PowerShell• Third Party Tools• ROI & ROI

Guidance: Optimize OperationsDocument operational proceduresMeasure cost of operationsAutomate procedures

9. Manage the Portfolio

Portfolio Management

Catalog

• Solutions• Specifications• Policies• Changes

Monitor

Current state

Evaluate

Does current state match the specifications of the solutions in

place?

Trigger

Guidance: Manage the PortfolioEstablish a service catalogMonitor servicesEvaluate servicesTrigger review of service operating outside spec

10. Commit to Evolve

A Discipline of D’s and R’sDefine the solutionDesign the solutionDevelop the solutionReleaseRefine requirementsRevisit designRevise solutionRepeat

Deploy the solutionDelegate to operationsDo it again!

Project Lifecycle

Development Lifecycle

Define

Design

Develop

DeployManage

Measure

Modify

Business Need Business Need Business Need Business Need

Business Value

ManageabilityDefine

Design

Develop

DeployManage

Measure

Modify

In Sum

Governance

Define

Design Develop

Deploy

Manage

Measure

Modify

Change

Operations

Business Outcome

ServiceDelivery

People

Process

Policy

People

Process

Policy

Innovation

Resourceshttp://tiny.cc/danholmepresentationshttp://tiny.cc/danholmearticleshttp://tiny.cc/danholmebookshttp://tiny.cc/danholmegovernancevideohttp://tiny.cc/danholmearchitecturevideo

[email protected]@danholme

Beyond the Buzzwords: Implementing End-to-End SharePoint Governance and Compliance

Business

Transcript of Beyond the Buzzwords: Implementing End-to-End SharePoint Governance and Compliance