SharePoint Governance Planning

1. Executive summary

The primary objective of this plan is to establish creating a governing handbook for better utilization of all SharePoint environments.

• Determine initial governing principles and goals.
• Classifications of business information. 
• Developing a working and educational strategy
• Develop an ongoing plan.

2  Introduction

2.1  What’s SharePoint Governance plan?

·  A SharePoint governance plan is a set of rules that will outline the administration, maintenance, and support of SharePoint platforms. It will help define Roles from end users to system administrators. It will also help to set expectations and guidance for Company SharePoint community.

2.2  Why Governance plan?

Without proper governance SharePoint will become a frustration for end users which eventually drive business away from utilization while a headache for IT administrators. Examples of these scenarios are:

• Unused sites which will still cost disk space on database server.
• Uncontrolled document versioning. This is also a burden for a database server as SharePoint treat them as new document for each version.
• Poor performance, like site loading taking longer time.
• Duplicate sites, documents, libraries, lists and others.
• Multiple heavily customized pages. This creates a diversion from the original purpose of SharePoint.
• · Loosely defined and too much authority for site owners.

2.3  Objectives

The primary objective of this plan is to establish the creation of a governing system for the usage and management of SharePoint environments.

• Define roles and responsibilities.
• Identify stake holders and strategic decision makers
• Form a SharePoint governance board
• Create a proper channel for escalation
• Identify scopes and purpose of sites, team or Share space and Mysites. Identify appropriate site template as well.
• Enforce service level agreement (SLA) met by IT administrators.
• Define the scope of customization.
• Identify tools and methods allowed for customization.
• Set site retention and deletion policy.
• Identify files exempted from real-time antivirus scanning.
• Set and adhere to proper SharePoint permission groups.

3  Audience

This documents requires to be read by all members of SharePoint admins, developers and database administrators. It’s also a requirements for business managers and SharePoint governance board members.

4  Roles and responsibilities

4.1  SharePoint Governance Board

This board will consists team from stakeholders (business), business system analysts, business application managers and IT administrators. Board responsibilities are:

Provide recommendations to IT Director. Provide decisions and directives for all SharePoint production, staging and test environments. New change, existing setting modification and archival. Determine a backup and restoration policy for each environment. Determine acceptable data loss before recovery. Determine SharePoint and database servers patching policy. Evaluate objectives periodically. Enforce governance policy rules. Improve and enhance user SharePoint adoption.

4.2  SharePoint Administrators

Installing, configuring, maintaining, patching and managing SharePoint servers. Provision and maintain all necessary service applications. Create new web application, site collection and sites as required. Creating and maintaining all content databases. Coordinating with database administrators and any backup tool technicians for setting a backup schedule.  Perform disaster recovery rehearsal periodically. Provide training for end users as required. Maintain Internet information services (IIS)  Resolve issues arising in event viewer application and SharePoint logs. Define a site template with the help of SharePoint development team. Manage site quota as defined by the policy Deploy SharePoint service packs, cumulative updates and any hotfix as needed  Deploy and install custom solutions

4.3  SharePoint Developers

• Responsible for building a framework for site collections, sites and subsites.
• Brand and modify SharePoint sites look and feel as required.
• Build and maintain custom workflows as required.
• Build and maintain site templates as needed.
• Build and modify custom Webparts as required.
• Coordinate with BSU and stakeholders in decision making of new projects. 

4.4  System Administrators

• Responsible for the acquisition, installation and maintenance of server’s infrastructure
• Review existing infrastructure setup
• Develop best practices and operational guidelines
• Install OS security and windows update
• Manage windows cluster services
• Manage servers and available storage spaces.
• Backup and restoration schedules and audits.
• Audit security logs
• Daily monitoring of all SharePoint related servers.
• Maintain all SP servers.

4.5  Database Administrators

• Database backups and restores
• Maintain backup and restore meets SLA
• Databases maintenance
• Database security and performance tuning
• Manage SQL cluster services
• Install and configure database instances
• Install database service packs and updates as needed

4.6  Enterprise Site Collection Administrators

• Create, modify Sub sites and Pages
• Search Settings, Scopes, Keywords
• Recycle bin, including secondary level.
• Site storage space allocation
• Managing site collection and site features
• Create and maintain Site libraries and lists
• Manage RSS feeds
• Archive and delete sites as required
• Install and configure Web Parts.
• Manage content and structure

5  Permissions

Unless and otherwise exception granted any given SharePoint site will only have following three groups:

5.1  Site Owners

• Create and Pages not Sites
• View all site contents
• View usage and audits reports
• Full control on Site libraries and lists
• Create alerts
• Creation of audience NOT allowed
• Modify Site Title, description, logo and other look and feel aspects as needed
• Creation of SharePoint groups not allowed
• Adding and removing users from permission groups

5.2  Contributors

• Contributing on site contents
• Add, edit and delete items as required
• Subscribe to alerts and RSS feeds

5.3  Readers

• Read site contents
• Subscribe to alerts and RSS feeds

6  Environments

COMPANY supports Intranet and Extranet environments:

6.1  Intranet

• Environment specifically created for Department internal use only.
• Anonymous access is not allowed.
• Access could be granted for outside trusted domain.
• Team Site, Share Space & MySite are only top level types
• Sub-site could be Projects, Committee, meeting and social as needed.
• Personally identifiable information (PII) may be stored in tightly secured sites.

6.2  Extranet

• Environment server the purpose of collaborating with external customers.
• Anonymous access may be allowed as needed.
• PII is not allowed to store on any sites.
• Creation of MySite is not allowed.
• Locations of servers will be in isolated DMZ environments.

7  Operational Policies

7.1  Site RETENTION, ARCHIVAL AND Quota

• Sites will be lock down for no activity of 180 days. Exemption can be given by SharePoint Governance Board.
• Sites will be archived after 90 days lockdown
• Projects sites will be locked down for update after project completion.
• All Team sites will have an initial 10 GB size quota. It could be extended upon approval by the Board.
• All personal sites will have 250 MB size quota.

7.2  Site Template

7.2.1  Following list will be used for new site provisioning

Global, Team Site, Blank Site, Document Workspace, Meeting Workspace, Social Workspace, Wiki, Business Intelligence (BI) Center, Publishing, Collaboration Portal, Enterprise Search Center, MySite Host, Project Site, Visio

7.2.2  Deprecated Site Template:

Record Center

7.3  managed paths

7.3.1  Collaboration Web Applications

Department will only support following paths: Sites, help, and portal

7.3.2  MySite

The only managed path supported for MySite is Personal.

8  Support Policy

Support for end users will be provided within the existing COMPANY support framework. Different online resources for users help will be available in COMPANY SharePoint sites.

8.1  Application Support

Support system will have three tier level.

8.1.1  COMPANY Help Desk – Tier I

• Provide first level of support to SharePoint users
• Basic product support
• General how-to and troubleshooting questions from end users.
• Escalation to Tier II

8.1.2  Enterprise Site Collection Administrators – Tier II

• Provision and modify sub sites, pages as needed
• Grant or modify site permission
• Request increase in storage quota
• Modify Search settings, search scopes and search keywords
• Activate\Deactivate site features as required
• Add\Remove web parts
• Initiate site\pages archival process
• Escalation to Tier III

8.1.3  SharePoint\System Administrators

• Provision new web application
• Perform site restoration
• Increase site storage quota
• Archive sites as requested
• Resolve escalated issue

8.2  Project Support

Project support will have three tier level.

8.2.1  Business Solution Unit (BSU) Manager BAM- Tier I

• Customer initiate a project request directly to the BSU BAM via email or phone
• BSU BAM will initiate a meeting with customer and all the BAMs
• Business System Analyst (BSA) will be assigned for the project.

8.2.2  BSA Project Leader – Tier II

• BSA will start gather requirements and manager project.
• BSA will facilitate a meeting with team and BAMs
• BSA will be a point of contact for life cycle of project

8.2.3  SharePoint Development Team Lead

• Handle request submitted by BSA project leader
• Assign tasks to SharePoint development team
• Support developers and analysts
• Provide Subject matter expert (SME) support

8.3  SharePoint Updates

SharePoint update will have two tier level.

8.3.1  Business Application Manager (BAM) – Tier 1

• Users initiate a support request via email, phone or SharePoint support list 
• All new SharePoint site requests, site enhancements, projects tracked by BAM.
• BAM will assign SharePoint support lead

8.3.2  SharePoint Support Lead –Tier 2

• Updates to any SharePoint request will be sent to SharePoint team distribution list
• SharePoint support lead will monitor email for SharePoint update requests.
• SharePoint support lead may assign tasks to team member
• Provide update status
• Provide completion estimate
• Train and assist site owners
• Work within governance guidelines
• Enforce SLA

9  Customization Policy

This policy will discuss scope, methods and allowed tools for customization.

9.1  Scope

List of allowed components for Site customization are:

• Web Part
• Department Logos
• Master Pages
• Functionality of sites
• Partially restricted: requires approval from governance board
• Site Template

9.2  Tools

Allowed tools include:

• SharePoint Designer
• InfoPath Designer
• K2 Form Designer
• K2 Designer for Workflow
• HTML 5 editor

Not allowed tool:

• Visual Studio

9.3  Methods

Allowed SharePoint modification methods are:

• Java Script
• CSS
• XSLT
• HTML
• HTML

Not allowed methods:

• Solutions require C#, VB.Net and other source codes

10 Files excluded from virus scanning

You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:

·  Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions If you do not want to exclude the whole Web Server Extensions folder from antivirus scanning, you can exclude only the following folders: 

·  Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16

·  Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\Logs

Note: Change this to actual Log file location

·  Drive:\Program Files\Microsoft Office Servers\16.0\Data\Office Server\Applications

·  Drive:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files

·  Drive:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config

·  Drive: \Users\ServiceAccount\AppData\Local\Temp\WebTempDir Note the WebTempDir folder is a replacement for the FrontPageTempDir folder.

·  Drive:\ProgramData\Microsoft\SharePoint

·  Drive: \Users\account that the search service is running as\AppData\Local\Temp Note the search account creates a folder in the Gthrsvc_spsearch4 Temp folder to which it periodically must write.

·  Drive:\WINDOWS\System32\LogFiles

·  Drive:\Windows\Syswow64\LogFiles Note If you use a specific account for SharePoint services or application pools identities, you may also have to exclude the following folders:

·  Drive:\Users\ServiceAccount\AppData\Local\Temp

·  Drive:\Users\Default\AppData\Local\Temp

·  You should also exclude all the virtual directory folders under

 Drive: \inetpub\wwwroot\wss\VirtualDirectories and all the folders under Drive: \inetpub\temp\IIS Temporary Compressed Files.

11 References

• What is governance in SharePoint? By Microsoft
• SharePoint Governance by Benjamin Niaulin 
• Building a SharePoint Governance plan before Migration by Benjamin Niaulin
•  SharePoint Governance plan Auburn University
• Importance of SharePoint Governance by Jean Paul
• SharePoint Governance –Individual Roles and Responsibilities by Wael
• Certain folders may have to be excluded from antivirus scanning when you use file-level antivirus software in SharePoint by Microsoft