Chapter 7. ECM Planning Guide
We have discussed the importance of planning and best practices for your ECM Project. A lot of what we have covered has been methodology and the application of ECM principles in SharePoint. To put this information to good use, you will need to create a detailed set of documentation that lays out the Information Architecture (IA) and its associated components. This will be a pivotal component used for completing your detailed project planning documentation.
Documentation serves several purposes beyond simple planning. This includes keeping everyone informed about the details of the project and how it will be implemented. It’s important that the documentation be crafted in a way that supports your ability to illustrate to others that the project team has done the due diligence to make the project successful. In addition, it creates a historical record of how and why you did what you did, a tool to help with future inevitable changes in the organization, and, sometimes, a record of mistakes made so that they are not repeated.
Documentation
The types of documentation and how you carve out the various elements will vary based on the size of the overall project and, to a degree, the capability and maturity of the organization. We recommend that organizations create an ECM roadmap that builds from the documentation of the business drivers, leading to the decision to implement the platform to how it will be structured and implemented. This can be very useful for people outside the core team as well, and it can provide both a look into the future of what is planned for SharePoint in your organization and how the team will arrive at its destination during any given point of the journey.
It is important to document why the organization is implementing SharePoint and what the key business drivers are. This lets everyone know the thought process behind the implementation. This should be written in common business terms and be readable to a nontechnical audience. Most often, your biggest supporters or detractors will be outside of IT, and you will need to communicate in a language that is familiar to them. This portion of the documentation should be drafted by the Business Analyst role we outlined in Chapter 5.
To document how SharePoint will be implemented, the ECM project team will be focused more on the technical elements and the ECM principles that will be followed. This should cover the tactical implementation steps that will be used and the core ECM definitions, outlined in Chapter 1, which you choose to be implemented as part of your project. This should be written in a format that provides the actual steps taken on your SharePoint farm to implement any given feature. For example, we recommend that you include the exact steps you took to create a content type. As you build, be sure to include all the content types that you created and the field level details.
In addition, we recommend that you create a section in your documentation that defines the best practices used for things like taxonomy, file naming conventions, and site structure. A good example of best practices would be to establish that SharePoint will not have a taxonomy that is over 500 terms and more than four levels deep for any given parent term.
Configuration blueprint
Many audiences will ask for documentation to help them understand how the various pieces of the SharePoint ECM solution will fit together. We have found that the best way to illustrate this is to create a kind of configuration blueprint in the format of tables and lists that are easily understood by a wide audience. The key to this is to see the interrelationship of items so that, for example, you can understand how the IA and content types relate to each other.
Governance is a widely used term that is often misunderstood or interpreted in various ways, depending on the subject. For purposes of your documentation, we define it as a nontechnical section that connects the features of SharePoint with their proper usage and company policy—in essence, a rulebook. Governance in this context refers to the usage and control of content in SharePoint. This covers how to use the platform, such as how to properly upload a document with proper metadata, and proper types of content per a retention schedule or other organizational policy.
Some organizations will also have an IT governance plan that includes security considerations. This document is very often owned by IT and is separate from the ECM governance document. The section on ECM governance can include references to the overall IT governance plan where appropriate, but we recommend that organizations keep them as separate documents.
Source of truth
The danger of documentation is that it can be a resource vacuum and become never ending. To help mitigate this problem, we recommend as few authors as necessary to complete the effort. By limiting the number of people involved in the documentation process, you will have a better understanding of the boundaries that they have used to prevent unneeded detail on certain subjects. This also creates a more focused effort on where the information came from and why it was written and organized in a particular way—that is, a singular source of truth.
Obviously, a peer review of the documentation is necessary for accuracy and to get joint ownership, but multiple authors sometimes cause unneeded focus in some areas and too little on others. The other danger is the belief that the documentation has to be 100 percent accurate. We are not advocating glossing over mistakes, especially the technical ones, but sections like governance and records management are very often a moving target and can change over time. It’s better to publish a 90 percent accurate document and move forward with modifications than to never publish anything. The document should be a foundation of future growth and extension of the platform; this requires an end point to its creation.
In the rest of this chapter, we are going to focus on the areas that you should include from this planning guide that will be critical for your ECM solution. This is meant as a resource for you to select the elements that work for your project. This is not a one size fits all. Every situation is unique, and we recommend that you exercise your own judgment to apply as many of these elements as you see fit for your organization and project.
Information Architecture
As we outlined in Chapter 4, Information Architecture (IA) is the logical and physical storage of content. Many of the best practices we covered in Chapter 4 are complimented in the following sections; these should be used together so that you can be very clear about the logical component. This will be a map to where and how content is stored in the platform. Together, the configuration blueprint and this documentation will be used as the final documentation needed for implementation of the IA. You need to include URL names, which are a critical component in any SharePoint documentation. You need to include the following three core elements in this document:
Site and library architecture
The two primary ways to document the IA are either in a diagram or in table form. We recommend that organizations do both because the added effort of one over the other is nominal when one is already created. This also helps various audiences digest the documentation in the format that is most familiar to them. The site and library architecture should go from the site collection level, down through sites, to document libraries. In the IA section of Chapter 5, we mentioned that organizations planning for growth would create a site collection per business unit, whereas other organizations will do an individual site per business unit. The difference in the documentation is simply the depth. They will essentially look the same. Let’s review in detail a real-world example of each documentation type.
The benefit of a diagram is that it puts all components and their relationships in one place. This is usually very easy for most people to digest. The only downside of diagrams is that they can get very large and hard to print. As shown in Figure 7-1, the center of the diagram is the farm. Typically, the configuration at the farm or platform level is up to the IT department, and that is not included in the diagram. For purposes of this section of your ECM documentation, you do not need to provide technical details at the farm level.
Toward the right of the diagram, notice that we included three applications that will be used for other purposes outside of our ECM solution. These are listed as separate web application sites called Members, Applications, and Intranet. We list them here, even though they are separate uses of the SharePoint 2013 platform, because it’s nice to have a full listing of root web applications for navigational purposes, and we might have a need to relate them to one another. For example, there might be a line-of-business application such as an employee or customer survey submission that creates a record in ECM, and we can easily document that relationship when they are all listed in one place. For purposes of this planning guide, we will not go into any deeper detail on these additional web applications.
Our focus is the ECM web application. In this diagram, we have taken the site collection approach per function. This could have been done for scaling or due to the size of content. Normally, if you take this approach, it means that you are also using more than one content database. If this is true, you should add the level at which content databases are chosen. For example, if you have a content database per site collection, note this as a parent of the site collection and the name of the content database used. This is important for IT support functions, such as planning backup configurations and disaster recovery procedures.
In this case, we are using a single content database per site collection. We are also using the root site of each site collection as the landing page of each function. As we mentioned in the IA section in Chapter 4, the trend is to have flatter architectures and leverage the power of metadata to improve browsing and search. This is a perfect example of that implementation trend and how to structure your IA.
Each site collection has a listing of libraries and features used. For every site collection, you can see that there are documents, media, and confidential libraries. The documents library is the largest in each site collection and will contain a listing of all content items such as documents, presentations, and text files for that business unit. The media library is used for rich media files, such as photos and videos, for each business unit. And finally, the confidential library is a location where managers of a business unit can store documents that are not visible to all the staff in that unit. For example, employee reviews can be stored here or in the HR library, depending on your organization’s records plan.
These consistencies allow users to understand the navigation and structure of your ECM solution no matter what business unit or functional role they have in your organization. In the case of the HR and the Legal departments, there are some exceptions to this rule where some special libraries are called for. For Legal, there is a library for content holds. This will be used in any litigation scenario and is the location where content will be held during eDiscovery for legal review when preparing to respond to requests for production of documents during litigation. Because not all held content is visible to everyone, it’s placed here for exclusive use by the Legal department.
In the HR department, you see special libraries for employee files and resources. Employee files also come with the special feature of “document sets.” This library has legal implications due to the regulation around employee files and must be kept separate with appropriate security. However, the resources library is a location where the HR department might store content that they regularly provide to employees related to their employment.
You will also see site collections named Search and ECM Hub. These are special site collections with specific functions. Search will be the ECM-wide search application, and the ECM Hub will be the location that contains some testing for specific ECM functionality before and after it’s deployed to the organization, as well as the official location for all content types that are published to all other site collections. These site collections don’t have functional libraries. However, the ECM Hub might have libraries not for general consumption, to test out various features such as views and column setup.
Each site collection also has a listing of features that will be enabled. This is simply a listing rather than a detailed explanation of how each feature would be used. This should be included in the detailed screen shots we discussed in the documentation section of this chapter. This listing of each feature is a guide that lays out from a user perspective what features they will have access to.
As we recommended earlier, it might be helpful to organize this same documentation in the table format illustrated in Table 7-1.
Web Application | Site | Library | Configuration | |
\ECM | Search | na | ||
ECMHub | na | |||
HR | Employee Files | Publishing In-Place Records Document ID MMS Filtering Document Set | ||
Documents | ||||
Media | ||||
Resources | ||||
Confidential | ||||
Operations | Documents | Publishing In-Place Records Document ID MMS Filtering | ||
Media | ||||
Confidential | ||||
ExecutiveTeam | Documents | Publishing In-Place Records Document ID MMS Filtering | ||
Media | ||||
Confidential | ||||
Legal | Documents | Publishing In-Place Records Document ID MMS Filtering eDiscovery and hold | ||
Media | ||||
Confidential | ||||
Hold | ||||
\Members | ||||
\Applications | ||||
\Intranet |
Most organizations’ configuration will span, on average, 15 business units and be much larger than the four configurations shown in the preceding table. Table 7-2 outlines another format for a small city’s IA. This structure uses a site per business unit instead of library.
Web Application | Content Database | Site Collection | Site | Library |
ECMDB_Hub | ECMHub | na | ||
ECMDB_Attorney | CityAttorney | Documents | Documents | |
Media | ||||
[HoldByDate] | ||||
ECMDB_Manager | CityManager | Gis | Documents | |
Media | ||||
Airport | Documents | |||
Media | ||||
\ECM | ECMDB_Building | DevelopmentServices | Building | Documents |
Media | ||||
CodeEnforcement | Documents | |||
Media | ||||
Engineering | Documents | |||
Media | ||||
Housing | Documents | |||
Media | ||||
Planning | Documents | |||
Media | ||||
ECMDB_Finance | Finance | Accounting | Documents | |
Media | ||||
CustomerService | Documents | |||
Media | ||||
ECMDB_Fire | Fire | Documents | ||
Media | ||||
ECMDB_IT | IT | Documents | ||
Media | ||||
ECMDB_Community | CommunityService | Documents | ||
Media | ||||
ECMDB_Police | Police | Records | Documents | |
Media | ||||
Communications | Documents | |||
Media | ||||
ManagmentAnalysis | Documents | |||
Media | ||||
PoliceChief | Documents | |||
Media | ||||
Property | Documents | |||
ECMDB_Works | PublicWorks | Administration | Documents | |
Media | ||||
Environmental | Documents | |||
Media | ||||
WasteFacilities | Documents | |||
Media | ||||
EMAILDB_[year] | [year] | [function] | [user] | |
\Projects | PROJECTDB_[projname] | Projects | [projectname] | |
\Search | SEARCHDB |
For simplicity, we have removed the Configuration column shown in Table 7-1, and we have added a Content Database column to Table 7-2. Because of added security requirements and larger amounts of content stored in SharePoint, the city needed to expand its deployment to many site collections and content databases. In contrast to the structure shown in Table 7-1, the small city has two layers of business units, which is still a very flat IA, where each business unit still has the standard library configuration of a documents library and a media library, with the exception of Legal. The other big difference is that you see the Projects web application where cross-functional projects are set up. Under Projects, there is a new site collection per project. You will also notice the email web application. As we mentioned before, email archival is a large project on its own. The city decided to implement an email retention policy that required all email older than 90 days to be deleted from their inbox and moved to the email web application for archive. The web application is visible only to the City Attorney’s Office. Under the email web application is a content database for each year of archives.
For example, if this system were set up in 2008, there would be EMAILDB_2008, EMAILDB_2009, EMAILDB_2010, and so on up to the current year. The content database will store one site collection per year, with each site collection named per year. Within the site collection will be a site for each business unit, and under each business unit, there will be a site and a library per user in that business unit. This is the final resting place for all those users’ emails. This configuration was required for the sheer volume of email, and for ease of browsing either in legal cases or to facilitate Public Disclosure and Freedom of Information Act requests.
Note
The examples that we include are from real implementations done by the authors; they are not recommended examples for your environment, no matter how similar. All configurations are different, and these examples are used only to illustrate the methods and best practices described throughout this book.
When completed, both the diagram and the table could be used during training to help users get a high level overview of the farm and its configuration. During adoption, this is helpful because it allows users to see the big picture. In any case, each diagram and table should be preceded by an introductory paragraph that includes the assumptions made so that it is very clear to the organization why the IA was organized in such a way. In the beginning section of the IA document, you should include the following three elements:
Describe the current state of document and records management. Reiterate why a need for reorganization using ECM is required.
Include a high-level summary. This will be a general description of why you chose to structure the IA this way.
Document the assumptions that were used. These are the boundaries that helped you formulate the requirements and limitations of your plan.
A good example to include in your explanations would be around scaling the ECM solution. List how much content you have now, what percent will go to SharePoint, and the growth rate. This is important in the decision of whether to do business units per site or per site collection. Include how the functions were determined and how the library names were selected. Anyplace you can anticipate inquiry, you should proactively describe the rationale behind the decisions that led to your IA.
When completed, the IA documentation should be a clear guide for how to navigate the entire ECM application in the SharePoint farm. But the logical storage of content does not stop there. Content types are not only part of where content is stored, but what is stored with it.
Content types
Earlier, we described the content type as the container for the content and its metadata. By the time most organizations reach the configuration of content types, they become weary and fail to go into much detail. They might elect to use out-of-the-box content types, which provide nominal value, or they might allow users to create their own content types, which results in content type sprawl similar to the issues surrounding a shared network drive.
The reason content types are so important is that they are the only way to embrace the future of flatter IA designs and a minimalist approach to document libraries. By using content types, you can leverage the power of documents-associated metadata to slice and dice information in numerous combinations. This allows users to browse more precisely, search faster, and make better decisions about the content in views.
The first part of documenting content types is providing a detailed summary of how content types are created, the thought process behind how they are used, and what policies were followed when creating them. The following four key areas need to be included when documenting your content types:
Content Type Location If you used this book as a guide for your ECM implementation, you already know that we recommend setting up content types in a single location for the entire farm. This is done by using the content type syndication feature. It allows for ease of administration of content types, and it allows the use of more advanced functionality when moving content around in the farm, without losing valuable information.
Standard and Custom Define the relationship of custom content types to standard SharePoint content types. For example, in Figure 7-2, we take the approach of extending all root content types with a layer of retention schedule content types, and then we include the user friendly name content types. This was done because the organization leveraged a retention schedule, which is a feature implemented at the content type level, and they wanted to have a content type for each objective type of document.
Content Type List First, describe how you chose the number and name of content types. This should be derived from an existing list of document types for the organization that support each business unit. The organization should be in a position to distinguish business-critical documents from those that are superfluous. ECM should be used only for business-critical content or content that has true value from a records or operational business perspective.
Usage Policy Here you will define how content types should be used. This will often include a guide for how to choose the proper content type, what metadata is required, and what is optional.
After you have given the high-level description of the methods used to create the organization’s content type, you need to define what the final sets of content types are and how they are used. One of the big benefits, as shown in Figure 7-3, of the content type hub is that, at minimum, you can use screen shots of the content type hub and content type configuration page for this portion of your documentation.
As you can see, all content types are listed in one place. For the custom content type group, we recommend that you place all content types where they will be visible. The content type hub is a very nice tool for listing all content types in one place. In a pinch, this will suffice, but we recommend that you also create a separate table that includes more detailed information about content types, as shown in Table 7-3.
Friendly Name | Parent | Columns | Library Location | ||
Name | Required | Type | |||
Medical Leave | DocumentCYE+7 | Created Date | X | Date | \ECMHRDocuments |
Modified Date | X | Date | |||
Title | X | Text | |||
Author | X | Text | |||
Dept | |||||
Leave Date | X | Date | |||
Policy | DocumentUS+2 | Created Date | X | Date | \ECMOperationsDocuments |
Modified Date | X | Date | \ECMHRDocuments | ||
Title | X | Text | \ECMLegalDocuments | ||
Author | X | Text | \ECMExcutiveDocuments | ||
Effective Date | X | Date | |||
In this example, we detail two documents of content types: Medical Leave and Policy. Both are created in the content type hub, and for this organization, both are derived from a base content type that is the retention schedule year.
Medical Leave is derived from the root content CYE+7, which is derived from the content type Document, which means that this document will be deleted 7 years after the year it was created. It has the columns Created Date, Modified Date, Title, Author, Department and Leave Date. Department and Leave Date are unique content types.
Department is based on a managed metadata column that lists all departments, and Leave Date is simply a date field indicating the employees’ last day of work prior to medical leave. Most of the columns in both content types are required. The organization should already have a predefined description of how they determine mandatory fields.
The Medical Leave content type is available in only one library, the documents library of the HR site or site collection, while the Policy content type is available in four sites or site collections: Operations, HR, Legal, and Executive.
When documenting these content types as outlined in Table 7-3, it’s often easier to list only the columns that are unique to a content type. For example, in this case, the Leave Date column for the Medical Leave content type is unique across the board, whereas Created Date and Modified Date will be present in all content types.
One of the most common custom types of columns that we talk about in this book is managed metadata. This column links to the managed metadata service (MMS), where it pulls from a specific term set or from a subset of a term set. Frequently, content types will have more than one of these types of columns, and this is the location for all taxonomies, which is another piece of your IA that should be documented.
Taxonomy
The purpose of documenting your taxonomies is slightly different than for content types and the SharePoint farms IA down to the library level. Because of how taxonomies are implemented in SharePoint 2013, change control can be difficult. Properly designed taxonomies should not be updated frequently and should not be updated by the user because this is a quick path to sprawl and a return to the shared drive paradigm that quickly creates a digital dump of content and terms.
The individual taxonomies will be initially created in comma-separated value (CSV) files. We recommend that you have one file for each taxonomy that should be set up as shown in Table 7-4, in a strict format with no deviation.
These values are defined to support the following purposes:
Term Set Name The broad name or type of the taxonomy we are working on—that is, Functional, Period, Regional.
Term Set Description A note to all administrators about what is contained in this set and how it’s used.
LCID The language code, this used only in SharePoint farms leveraging multilingual user interface (MUI). We will ignore this field for this application and use the code for English, which is 1033, but the column must be present for proper import.
Available for Tagging Allows the term to be used in places where tagging is enabled. Because we want to encourage adoption of the taxonomy and we want to be sure that content is tagged, we will leave this as true for all terms. If your organization leverages a folksonomy as well, you might want to set this to false for all tags.
Level 1-3 Term The actual terms we have decided to use for Coho Winery.
When the taxonomy is completed, it will be uploaded to the MMS service application. While it is not available to be set up in a specific content type and used in the farm, it should be considered as read-only at this point. If you were to make edits to the taxonomy inside of the MMS service application, you would have no record of the change. When this happens once or twice, it’s not a big deal, but over time, the collective amount of changes causes a problem for migration and understanding of setup. This is because you are unable to export taxonomies or merge them with the original CSV file in SharePoint.
This is why we recommend that all changes to taxonomy happen in the CSV file directly. To do this in an effective way, you need to track those changes. This is the primary purpose of documenting taxonomies, in addition to documenting the policies and principles that defined them.
In your taxonomy documentation, as with content types and IA, you should start with a description of why taxonomies are being used, how they will benefit the organization, and the high-level rationale that drove their creation.
It is very important to follow the rules that we outlined in the Chapter 4 examples:
Do not user “Other” or miscellaneous terms. These terms are a catchall that will be used more often than you will like. People see “Other,” and they quickly store an item without looking for the appropriate name.
Do not use any transient terms. Terms such as dates that will soon be invalid can be applied to a document and then never updated, so they become inaccurate. Dates and versions are the most commonly misused transient terms.
Do not use plural forms of terms.
Repetition is fine. Repetition in child terms will happen; this is common and expected. It’s the entire path of a term that matters.
Focus your terms on root concepts, and avoid being overly detailed. You can use synonyms for more detail.
Do not create term depth further than four terms. Users will tend to stop applying terms at the third level.
Do not use terms that are abbreviations, but you can use abbreviations in extended form for terms and synonyms.
No term set will be over 1,000 terms, including all child terms.
When creating your terms you want to follow the nine step process we have outlined:
List all departments, functions and/or business units to be included in the ECM project.
Take a screen capture of the shared folder structure for each. The folder structure will be the starting point, not the result.
Create a list of representatives from each group that includes project stakeholders or subject matter experts and interview them by asking the following questions:
What types of documents do you work with on a daily basis?
How do you organize your documents?
Do individuals organize by personal preference at a certain level?
Merge the terms from the folder structure with the comments and feedback you collect during your interviews.
After you have completed the taxonomy outline, review the business unit taxonomy and terms with the project stakeholders in each department.
At this point, you need to ask yourself the following questions:
Reconcile all the collected information into a single spreadsheet for each department, business unit, and function.
Compare all terms to the retention schedule. All retention schedule documents should be represented at some level.
Normalize overlap between departments. In some organizations, this means isolating common terms into one portion of the taxonomy for all to use.
Test the final taxonomy, within a staging environment with the easy and difficult business unit and/or department representatives.
After you have documented how taxonomies were derived, you can list the taxonomies, their location, their last modification date, and history of changes, as shown in Table 7-5.
Name | Type | Created Date | Modified Date | Location | Content Types used | History of Changes |
Operations | Functional | 8/1/2012 | 8/1/2012 | \ECMECMHubTaxonomy | Policy Plan | |
Departments | Listing | 8/1/2012 | 1/5/2013 | \ECMECMHubTaxonomy | Medical Leave | Added new departments |
Human Resources | Functional | 8/1/2012 | 8/1/2012 | \ECMECMHubTaxonomy | Handbook Employee File | |
Quarters Completed | Period | 8/1/2012 | 3/5/2013 | \ECMECMHubTaxonomy | Minuets | Added new quarters |
IT | Functional | 8/1/2012 | 9/1/2013 | \ECMECMHubTaxonomy | Equipment | Added missing key terms “Server” |
Legal | Functional | 8/1/2012 | 9/1/2013 | \ECMECMHubTaxonomy | Correspondence Action Letter | Added missing key terms “Risk” |
Engineering | Functional | 8/1/2012 | 8/1/2012 | \ECMECMHubTaxonomy | Documentation | |
Keywords | Folksonomy | 8/1/2012 | 3/15/2013 | \ECMECMHubTaxonomy | Keywords | Updated with user suggested terms |
Office | Regional | 8/1/2012 | 8/1/2012 | \ECMECMHubTaxonomy |
There are a few key elements to this table. First, we list the type of taxonomy. We explained earlier that there are limited numbers of types of taxonomy: functional, period, and regional. In this list, you will also see Folksonomy and Listing. Folksonomy is the flexible form of Taxonomy that is created and driven by the users. Therefore, it might not be something you track, but in any case, it is still something that we recommend against. Listing is a way to avoid using drop-down type menus to pick from a flat list of items. In this case, it’s simply a list of the departments, as opposed to a standard taxonomy, which would normally indicate a term used to define the content’s use in the organization. Some organizations might elect to continue to use the drop-down style column. The benefit of putting it in an MMS term store is having one place to manage all listings of content.
The other key element to this Table 7-5 is the location. As you can see, we are recommending that even your created and published taxonomies should be stored inside a library in SharePoint. This can be either the ECM Hub or a site collection or site belonging to the content managers and records managers. This gives the added benefit of tracking changes for you so that you do not have to include them in this tracking table.
Table 7-5 gives a minimal picture of where and when taxonomies were updated. The process of the update when updates are not frequent is to update both in the CSV file and in the MMS Service application term store. For frequent updates, we recommend that you consider third-party tools for synchronizing CSV files with SharePoint MMS.
Now that we have documented all components of the IA by creating a map of the entire SharePoint farm, we need to define how this configuration aligns with the content stored in SharePoint and the people who use the platform.
Content governance
Governance in the context of ECM is largely different from how most organizations consider governance. Organizations that are familiar with the term governance will put it in the category of IT governance that covers infrastructure and system security. There is no doubt that there is overlap with ECM as far as security is concerned, but usually the IT governance plan is a system of recording and controlling access security for discrete information systems, whereas the content governance plan is the system of record for security related to users’ access to content, not entire systems.
The content governance plan is used to define the security of content, how content is stored, how it is used, and what constitutes good usage of the system. When creating your content governance plan, you can use the following principles as a guide for each element of the plan:
Focuses on the ECM solution, not the individual features.
Aligns ECM goals with budget and return on investment.
Helps the system function well both today and five years down the road.
According to the IT Governance Institute, content governance consists of the leadership, organizational structures (policies), and processes that ensure that the organization’s technology sustains and extends the organization’s strategies and objectives. It is concerned with the risks, the costs, and the usefulness of the solution after it has been created.
The first part of a governance plan is an executive summary that defines what content governance means for your organization and the goals. The goals, at minimum, should include the following:
Ensure that the investments in SharePoint generate business value.
Mitigate the risks that are associated with SharePoint.
Get users to adopt SharePoint and use it properly.
You should strive to be more qualitative and detailed when expanding these goals. For example, provide detail for an annual period, the number of users, and the amount of properly contributed content that you want to attain. We also encourage you to think of governance as a continuum in which you are striving to reach level four in the following progression:
A good way to illustrate the appropriate level of governance is shown in Figure 7-4.
You can have too high a capture cost and consumption effort so that ECM does not work. Similarly, you can have too much governance, where the users are so limited that adoption is essentially nil.
Obviously there is no excuse for having no governance, where each user is on their own and each business unit looks after their own interests. In such a scenario, the usage of SharePoint is no better than shared drives and often worse.
Bargained governance is where a few business units negotiate collectively a mutually acceptable solution. This seems reasonable, but content that was contributed prior to the negotiation becomes invalid after the negotiation and can later pose some serious problems and risk. Further, you cannot assume that the principles and methods used were generated by anything beyond efficiency and ease of use; users will seldom think in the best interest of the organization and from a strategic point of view.
In centralized and advisory governance, the ECM group works to come up with a governance plan and can give guidance, but they are empowered to enforce the policies that they create. Often in such systems, the governance works very well for a short period of time, often measured in months, after which users realize what they can get away with and quickly revert to bad habits.
Finally, there is the centralized and empowered governance, where the ECM committee has both the ability to create the policies and the authority to create compliance policy. This usually requires that, apart from building the committee we described, the team also incorporates Legal, Records Management, and the executive team. These members could be added after the implementation phase of the ECM project if needed.
Governance is a balancing act, and the challenge for IT organizations is to create an appropriate level of centralized control while at the same time avoiding any impact on the business benefits derived by placing power in the hands of end users. This is tricky and requires that the committee and organizations implement a system of introspection that looks at the benefit gained from policies versus the inconvenience and risk that is posed for user adoption.
When done prior to deployment, the tools used to implement governance can be done via technology or policy by using technology features that are implemented in such a way that users cannot bypass them with improper usage. The most common example is required fields in content types. With this method, a user cannot upload a document where the required fields are not completed. This is governance implemented through a function of the technology.
The same requirement could be implemented with a policy that dictates that all documents must have specific metadata entered in a specific way to be considered properly contributed content and that all users are expected to contribute content in a proper way.
Both approaches have their benefits. Technology is extremely easy to enforce, but when used excessively, users will simply stop contributing content because it is too onerous. Policy has the least impact on users but is extremely hard to track; you would have to impose a system of content audits per user, which is too large a task for most organizations.
In this case, there should be a balance between fields that are mandatory to ensure the functionality of the system and those that are implemented by policy.
This example holds true for all decisions about whether to manage governance with technology or policy, but some requirements, such as “do not use profanity,” are easier to manage via policy.
As we mentioned earlier, SharePoint 2013 ECM projects seldom fail because of technology. If you use this book as a guide to your ECM implementation, your project most likely will not fail because you did not set up the platform correctly. It will fail due to poor adoption or excessive adoption in the wrong way, and governance is certainly part of this.
The planning for governance should start in conjunction with the design of the ECM system, before a single set of SharePoint configurations is implemented. The ECM team or a specialized governance team with a direct connection to the ECM team should be responsible for creating the content governance plan. It should build on the project’s vision statement. A good starting point is to take the organization’s existing policies and standards and link them to platform functionality.
While the governance plan is being created, similar to what was suggested with the ECM implementation, you should get started early in the project. Get your users familiar with the policies, and give them a voice to help shape both functional and policy-driven solutions. For example, early in Chapter 2, we indicated that you should get your users to start following the designed taxonomies even before SharePoint is set up. At the same time, get them used to the idea that there is good content and bad content.
Governance is not the thing you do after the system is implemented. If this were the case, it would likely be published and put away and rarely read. The document is only a record of the thought processes and decisions made regarding policy. More importantly, successful governance is about getting users involved.
As part of this, gently and over time, you need to convey the decisions made about policy and procedure and the reasoning behind it. Expect that users will react negatively to many of the decisions in the governance plan, but if you can get them to understand why and if you implement governance in a way that can be a habit and not interfere too much with their work, they will comply.
When you implement your governance plan, you must plan for updates and be flexible; things will change, and building a flowing structure into your committee will help embrace these changes and integrate them, when appropriate, into the plan.
The high-level goals of a governance plan should have the following characteristics:
Natural Does it fit naturally into the operation of the business?
Trim Does it contain just enough information that is measurable, precise, and time relevant?
Agile Can it be adapted quickly to changing tactical requirements?
Safe Does it satisfy the technical, legal, and operational requirements? (If it does not, it’s doomed to failure.)
Each component of the plan should include its individual goal, when it should be completed, and who is responsible. It’s important to understand that there is a cost associated with proper governance. Establishing a budget line item for this will help you make decisions that balance costs versus risk. If the reward for mitigating risk is outweighed by the available budget, you might have to plan alternative methods of governance. Outline what you are willing to spend, what you are willing to risk, and what is the opportunity cost of doing things a specific way based on that balance. A specific issue that arises out of poor governance could put the organization at risk; determining the potential fallout or costs of a specific issue or legal matter is difficult and varies greatly depending on the organization.
Balance is key in a good governance plan. This goes back to the team being introspective. Governance should not be the user community versus the ECM committee. The best way to achieve balance is by getting the users involved early and frequently. Try to balance consensus versus buy-in—that is, what you know the users will readily accept versus what you have no choice but to impose. In the spectrum of governance that we illustrate in Figure 7-5, you need to find that balance.
For most organizations, the objective is to be somewhere between collaborative governance and top-down governance. However, if you are in a highly regulated field, you have no choice but to rely heavily on top-down governance.
Another way to look at governance in SharePoint is from a feature/application perspective. In Figure 7-6, the diagram tracks upward from low governance (Social application with MySites) to the highest level of governance (Records Management with Records Center). Under each is a listing of common features unique to, but not complete or limited to, those applications.
Most of what we are proposing in this book is to combine records management and ECM. As you can see, these applications inherently demand more governance than others. They also are less innovative and change less than the lower-level applications. This immediately imposes more on the ECM/Governance committee, from both a governance and a rules perspective, and also requires the establishment of rules that should not change perspective.
Now that we have defined the nature and components of governance, let’s turn to the document, which will be the published record of what you are going to do.
When we talk about content governance for SharePoint, we are careful with web searches on the term governance because they will tend to lead to content and diagrams for IT governance rather than content governance. While creating an IT governance plan is not bad, content governance requires some additional elements.
The document should start with strategic objectives and then become very tactical. The conceptual components that should be answered as part of the plan include the following:
Strategy
Summary
Goals
The governance team
Future goals
Tactical
Features and a proper usage description
Usage and adoption monitoring
How you track
Disciplinary action
The sidebar in this chapter entitled Governance plan outline provides an example of an outline for an actual governance plan.
The Introduction should describe the layout of the document and its purpose. After that, the Executive Summary should describe at a high level the purpose of the governance plan.
The Objectives section will include details about what the goals are of the published plan and the concepts derived from it. Identify the target audience of those who maintain and use the ECM platform, scoped to the platform itself, and a listing of the possible risks and concerns. These risks and concerns should include problems associated with noncompliance with the governance plan as well as things that might be missed and opportunity costs. Forward-thinking organizations might also want to detail the pain that will be incurred should certain components of the plan not work out.
The Resources section will detail the components of the system, including those who use it and work on it. It should first define the committee and their structure, including when they meet, how they make decisions, and when they will make changes to the plan. Then it should detail the types of users, including super users, what users have access to, what their process is for obtaining support, and what should be considered proper general usage of the system. This description should also include the policy for the continued or discontinued use of shared or local desktop drives.
The Features subsection under Resources should, in extreme detail, list the specific SharePoint 2013 Platform features used in the deployment, how they are set up, who has access to them, and what constitutes proper usage.
The Governance Hierarchy provides the details about who owns the configuration and management of SharePoint, to whom users should listen when it comes to proper usage, and how this aligns to executive management and business goals. It should be clear that there are ramifications of improper usage of the system, both operationally and materially.
The Operational Policies section takes the governance hierarchy into concrete details, such as what is the proper way to add a legal document and what are the ramifications of not doing it correctly.
The sidebar in this chapter entitled Governance documents provides examples of policies from a real governance document.
The Operations Policy section will be the most controversial and most robust section of your entire governance plan. Each policy should be easily separated and published as a separate independent document from all others.
The Communication and Training section will detail the level of training users are expected to have and how they obtain the training. It will also detail and should include a directory of their first tier support, which should be super users in each function and how those users escalate support.
While the Communication and Training section details the goals, the plan will define concrete dates for when users will be training and how the training will be executed.
The Definitions and Resources section details the terms used to describe the environment and a list of resources, such as training videos and documentation, and even this book can be used to design the system and determine the governance.
Next steps
Governance can be, and is, an exhausting process. Starting right away is the easy way to decrease the exhaustion. The final document is rewarding in that it becomes a guide for the current system usage and future extensibility.
Here we have described how to create a blueprint with the IA documentation and how to describe proper usage with the governance documentation. But we left out a large component, and that is records management. While the governance recommendations in this chapter hold true for all organizations, only some organizations choose to embrace the processes and principles of records management, which we will discuss in the next chapter.