Your SlideShare is downloading. ×
Moss Governance Guidelines
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Moss Governance Guidelines


Published on

Published in: Technology

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide
  • Transcript

    • 1. Guidelines for SharePoint Governance
      26.april 2009
      Kjell-Sverre Jerijærvi
    • 2. SharePoint Governance Checklist
      Always use the checklist guide whitepaper
      Customers find the guidance very useful, strongly recommended
      Aspects covered includes
      Design-time and run-time governance
      Roles and ownership
      Information architecture, navigation and findability
      Infrastructure and operations
      Testing and development
      Each checklist has a related tips & information section
    • 3. Start With Simple Governance
      Architecture Governance
      Logical architecture model based on Information Architecture and capacity, sharing and isolation, configurable items, administration, and planning recommendations
      Farm design
      Site-collection structure
      Information asset structure
      …to create a workable design considering hard and soft limits
      Adapt governance according to targeted solution
      SharePoint as an Enterprise 2.0 platform
      Business applications hosted in SharePoint
      Push vs Pull:
    • 4. Start With Simple Governance
      Required Operational Governance
      Farm with redundancy
      Backup and Recovery
      Policies must be defined and enforced
      Restore specific information assets
      Tested disaster recovery plan
      Make sure that complete solution can be restored within allowed time limit
    • 5. Start With Simple Governance
      Minimum Governance
      Site Lifecycle Management (SLM)
      Policies (owners, free/paid, lifespan, inactivity, deletion, etc)
      Automation of SLM through site creation wizard and timer jobs
      Site delete capture
      Content Type (metadata) definitions
      Classification of all information assets, from sites to documents
      At least the “closed” content types (the immutable base metadata)
    • 6. Start With Simple Governance
      Optional Governance
      User Lifecycle Management (ULM)
      Manage the lifecycle of accounts as people starts, transfers, quits
      Policies for permissions and ownership of information assets
      Automation of ULM though partner/open solutions
      Visibility into usage
      Visibility into permissions
    • 7. Site Lifecycle Management
      Governing Sites from Creation to Deletion
      SLM policies must be defined and enforced
      Standard SLM only for site-collections
      Site use confirmation and deletion
      Custom Site Creation Wizard
      Use only if ootb SLM functionality is not sufficient
      Develop custom wizard to collection data related to SLM
      Store SLM data in site properties
      Develop timer job to enforce SLM policies
      Site Delete Capture
      Do not rely on database backup to restore deleted sites (backup media retention timespan might be shorter than SLM restore policy timespan)
      MSIT tool:
    • 8. User Lifecycle Management
      Governing Users from Creation to Deletion
      ULM policies must be defined and enforced
      Related to information security
      Information asset permissions must be managed when
      Account is removed/deleted
      User transfers to another department
      Information asset ownership must be managed when
      Account is removed/deleted
      User transfers to another department
      Recommended partner solutions:
    • 9. Content Type Governance
      Using Content Types for Content Classification
      Always create company specific base content types
      Use few required metadata fields
      Use sensible default values where possible
      Follow “Open/Closed” principle for content type hierarchy
      Support the Office 2007 Document Information Panel (DIP)
      Decide and enforce behavior
      Workflows / Event receivers
      Information management policies
      Retention, Auditing, Labeling / barcodes
    • 10. Document Template Governance
      Using Templates in Content Types
      Shared templates
      Manage and store templates in a central location
      Do not store templates directly in content types, always reference the central shared templates
    • 11. List Definition Governance
      Use Lists Based on Content Types
      List content
      Use only a few content types
      Content types must be cohesive
      Prefer list views over folders
      List permissions
      Prefer using inherited permissions
      Avoid user item level permissions
      Content Management
      Versioning, Check-in/out, Workflows / Event receivers
      Information Rights Management
      Policies for usage and access restrictions
      Information management policies
      Retention, Auditing, Labeling / barcodes
    • 12. Search Governance
      Findability and Information Security
      Ease of adding information assets to correct location
      Users should not have to enter a lot of required metadata
      Users should not have to browse/navigate a lot to store content
      Task context should deduce location, ref CRM document store
      Metadata tagging through content types for all findable assets
      Search scopes
      Faceted search
      Information isolation
      Separate SSP or even separate farms
    • 13. Permissions Guidance
      Simple Permissions Policies is More Secure
      Use SP groups to manage user group memberships
      Build your SP groups from AD security groups
      Do not assign permissions to single users, always assign to groups
      Prefer inherited user groups (role definitions)
      Prefer inherited permissions (role assignments)
      Avoid assigning item level permissions
      Site-collections are preferred permission management boundaries
      The more diverse and fine-grained permissions assignments you have, the harder it is to know who has access to what – and the more likely it is that there will be information security breaches
    • 14. Shared Metadata Governance (pre-2010)
      Metadata across Multiple Site-Collections
      Content types with site columns including lookups
      List definitions
      Management and distribution from master to applications
      Reference data
      Typically values for lookup type site columns
      Management and distribution from master to applications
      Always plan and test how to replicate shared metadata across your designed site-collection topology
      Metadata replication software
      Custom development
      Echo or DocAve
      Look for new functionality in Office 14
    • 15. Metadata Usage (pre-2010)
      Open Solutions @ CodePlex
      Community Kit
      Social bookmarking
      Tag cloud
      Enhanced wiki edition
      Enhanced blog edition
      Enhanced discussion board edition
      Faceted search
      …and a lot more not related to metadata
    • 16. Quota Governance
      SharePoint Administration, SQL Server Monitoring
      Plan for software boundaries
      MySite (site-collection)
      Storage size (default 100MB)
      Storage size
      Notification e-mail on size threshold
      Usage reports
      Upload size (default 50MB, max 2GB)
      Content Database
      Recommended max 200GB
      Recommended max 50.000 site-collections pr DB
    • 17. Development Governance
      Design-Time Governance for Upgradability
      Site Design
      Use standard site-definitions with feature stapling
      Avoid custom site-definitions and site-templates
      Do not use SharePoint Designer, except for prototyping
      Do not use SharePoint Designer, except for prototyping
      Do not use SharePoint Designer, except for prototyping
      Document Information Panel (DIP)
      Prefer standard DIPs, avoid customization
      If customized using InfoPath, all clients must have InfoPath installed to use the customized DIPs
    • 18. Patterns & Practices SharePoint Guidance
      Guidance & ReferenceImplementation
      Helps architects and developers design, build, test, deploy, and upgrade SharePoint intranet applications
      Demonstrates solutions to common architectural, development, and application lifecycle management challenges