SharePoint 2013 Governance Plan Web viewAn effective governance plan ensures the system is ... SharePoint handles versioning in Lists and Libraries, ... Moderators should have a simple

<Company Logo>

SharePoint 2013 Governance Plan

Prepared for24 September 2014

Prepared byPaul D. Fox

ContributorsTBDTBD

2For <Company Name>2

Revision and Signoff Sheet

Change RecordDate Author Version Change reference7 Apr 2014 Paul D. Fox 1.0 Initial Draft for Review/Discussion

ReviewersName Version

approvedPosition Date

<Name> Project Sponsor, Chief Information Officer<Name> Senior SharePoint Architect<Name> Director Information Technology<Name> IT Applications Support Team Lead<Name> SharePoint Application Development<Name> SharePoint Application Development<Name> IT Infrastructure (IT Administrator, Network

Administrator)TBDTBDTBDTBD

TBD

Signoff

Project Sponsor Date

Signoff

Date

Page


Table of Contents1 Executive Summary......................................................................................1

2 Introduction.................................................................................................32.1 Objectives...................................................................................................................32.2 Audience.....................................................................................................................32.3 Purpose/Scope............................................................................................................32.4 Mission........................................................................................................................32.5 Vision..........................................................................................................................42.6 Risks / Concerns.........................................................................................................52.7 Acceptable Use of SharePoint.....................................................................................52.8 Escalation Procedures.................................................................................................6

3 Definitions and Acronyms.............................................................................7

4 Resources....................................................................................................94.1 Team Roles and Responsibilities.................................................................................94.2 People.........................................................................................................................94.3 Individual Roles and Responsibilities........................................................................124.4 How To Get Involved.................................................................................................164.5 Equipment................................................................................................................174.6 Locations..................................................................................................................17

5 Governance Hierarchy................................................................................185.1 SharePoint Management...........................................................................................185.2 SharePoint Governance............................................................................................18

5.2.1 Site Governance..............................................................................................185.2.2 Content Governance.......................................................................................185.2.3 Layout and Design Governance....................................................................205.2.4 Security Governance......................................................................................25

5.3 Development Governance........................................................................................265.3.1 Procedures for a Fully Customized Solutions.............................................265.3.2 Procedures for Third Party Software Installations....................................275.3.3 Procedures for Intranet Changes.................................................................27

6 Operations Policies.....................................................................................29

7 Application Usage Policies..........................................................................34

8 Communication and Training.......................................................................388.1 Communication Plan.................................................................................................38

Page


8.2 Training Plan.............................................................................................................39Training Recommendations...............................................................................................398.3 Support Plan.............................................................................................................39

9 References.................................................................................................43

Page


1 EXECUTIVE SUMMARYThe SharePoint Governance Plan is a guidebook outlining the administration, maintenance, and support of <Company Name> SharePoint environments. It identifies lines of ownership for both business and technical teams, defining who is responsible for what areas of the system. Furthermore it establishes rules for appropriate usage of the SharePoint environments.

An effective governance plan ensures the system is managed and used in accordance with its designed intent to prevent it from becoming an unmanageable system. The management of an enterprise-wide system involves both a strategic, business-minded board to craft rules and procedures for the use of the system and also a tactical, technically-competent team to manage the routine operational tasks that keep the system running. Users of the system will be empowered by a support and developer community sponsored by the business leaders.

The primary goals of this document or plan are to:

1. Create the people infrastructure to govern and support the SharePoint environment.2. Document initial governing policies and procedures of the SharePoint environment.3. Communicate the need for the business to provide support via people resources.

Positioning of SharePoint

The business ultimately owns SharePoint, creating strategic synergies amongst themselves and capturing business opportunities. The IT group facilitates the use of SharePoint through the maintenance and administration of this platform.

SharePoint will be the standard technology for hosting the corporate Intranet. To provide an infrastructure platform for hosting SharePoint-based applications. Designed to empower users to collaborate on and share information. Out of box templates to supplement but not replace the enterprise solutions that are

already in place. SharePoint site content will be primarily in English; however additional language

packs will be available to provide either language specific sites, or site content available through variations. (See section 5.2 Content Governance)

Exclusions of SharePointDetermining what SharePoint won’t be used for is just as important as what it will be used for.

Extranet and/or Internet development on SharePoint due to licensing costs and network implications.

SharePoint should not be used as a repository for Source Code control. Highly sensitive data such as personally identifiable information (e.g. Social Security

Information).

Future DirectionIt will be the responsibility of the <Company Name> Strategy team to collectively seek out business opportunities to enhance. This team is charged with finding the right balance between technology and the business, and between centralized control and decentralized empowerment. They drive the deployment from a strategic perspective and provide the

Page 1


overall insight and direction needed by the tactical teams. They are constantly looking for synergies where SharePoint can help the organization operate more effectively or efficiently.

They understand how the business is growing, and where it could be growing. In the end, their role is about leveraging SharePoint to improve on business processes.

The team will ask questions such as:

How do we improve business processes and how do we deliver on that? What structures need to be in place to deliver this value? What areas of the business offer the most opportunity for growth? How can we align our activities with the goals of the business? Are there synergies that can be created between divisions and departments? What groups are doing similar initiatives and how can we help? What ways can we reduce inefficiencies and duplication?

Page 2


2 INTRODUCTION

2.1 ObjectivesThe primary objective of this plan is to define a governing body and to define the rules for the usage and management of the SharePoint environments. Other objectives are:

Identify the lines of ownership and support for the business and technical teams. Establish rules for appropriate use of the platform. Identify appropriate business owners willing to provide strategic insight and

direction for SharePoint, and able to drive strategic initiatives into their respective organizations.

Identify appropriate infrastructure (IT) resources to provide operational support for the system.

Create an effective support system with proper channels of escalation for end users of the SharePoint environments.

Communicate the need for business leaders to provide the technical support necessary to the SharePoint platform in the form of technically talented employees who are both willing and able to customize, personalize, and use SharePoint in a manner that fulfils the business opportunities as identified by the strategy team.

Establish initial governing usage and maintenance policies and procedures for the SharePoint environments.

Define the governance policies for custom developed solutions. Provide direction for business and IT Users in addressing issues.

2.2 AudienceThis document is intended to be read by all members of the SharePoint governance team as well as all key users of the SharePoint environment (IT, business owners, and site administrators).

2.3 Purpose/ScopeThis SharePoint Governance Plan outlines the ongoing administration, maintenance, and support of this organisation’s current SharePoint deployment. The plan includes the definition for the SharePoint environments including Disaster Recovery, Development, System Test, UAT, Maintenance and Production. This is the initial service definition and deemed to be a living document.

2.4 Mission“To be recognized as <Add your company Mission Statement Here…>.”The SharePoint initiative will provide an enhanced communication channel to improve the effectiveness and competitiveness of the organisation by supporting collaboration, knowledge sharing and project execution.

2.5 VisionThe vision of the product should be aligned to the company vision and support that. Realising this vision however is difficult to achieve without Executive buy-in.

Page 3


Improve Communication: Implement a Portal in SharePoint in order to improve communication between the organizations departments, and employees.

Foster and Optimize Collaboration: Implement a structure within SharePoint to enable the sharing and collaboration of files, documents and content through SharePoint’s built-in functionality in order to move away from reliance on file shares.

Connect Employees: Improve the ability for employees to find each other and improve team collaboration using SharePoint’s built-in people search capabilities.

Improve Productivity: Provide greater efficiency to employees by simplifying access to important business systems.

Unify Communication: Implement a more unified communication experience and improve communication between departments and employees.

Optimize Collaboration: Improve the sharing and collaboration of files and documents through SharePoint’s built-in functionality in order to move away from reliance on file shares.

Accelerate Discovery: Provide the ability to search for and find relevant files and documents using SharePoint’s built-in search capabilities both in and outside of SharePoint.

Encourage Engagement: Enable employees to share more personal information through their profiles and the built in social features of SharePoint.

Provide a standardized and scalable information management, collaboration and application hosting service to address the business and productivity needs.

Manage a collaboration platform that will facilitate the storage and sharing of structured and unstructured corporate documentation.

Reduce the size of email by encouraging users to send references to stored documents instead of sending attachments when corresponding.

Reduce IT overheads and security risks in support of corporate-wide initiatives by consolidating legacy platforms to standardize information management, collaboration and SharePoint-based application hosting.

Facilitate the migration of unstructured documentation on file servers to SharePoint.

Provide consistent corporate branded Intranet sites.

Empower User: Train users so they are more autonomous and efficient while using SharePoint.

Change corporate culture to keep “master” documents on SharePoint for easier backup, search, and auditing and lifecycle management.

Page 4


Support green computing by using technologies like virtualization to reduce the number of physical servers required.

2.6 Risks / ConcernsThe following are risks to an effective governance plan:

Inadequate support from the business leaders to affect proper governance. Administrators or users refusing to follow the given policies in this plan. Lack of policy enforcement. The Governance team does nothing.

2.7 Acceptable Use of SharePointThis list is not all inclusive and subject to be amended as and when required. Violation of these policies will result in the revoking of site access with immediate effect by the relevant Administrator. Restoration of the user’s access needs to be motivated in writing by the business unit owner and subject to approval by the Governance Forum:

All content stored is subject to the official Social Media and Internet Usage Policies. Do not post any offensive, racist, defamatory, pornographic information of any kind.

All configuration of out of box functionality and templates is acceptable, (with the conditions stipulated in ‘Positioning of SharePoint’).

No customization to the look and feel or default site themes is permitted under any circumstances.

No changes allowed to the Master Pages or core.css files in development tools, e.g.: SharePoint Designer and Visual Studio.

Customization with SharePoint using SharePoint Designer is not permitted unless by trained and authorized personnel.

No leveraging of Content Types is allowed without the correct level of expertise and evaluation by the IT SharePoint team.

Under NO circumstances may anyone change the “TITLE” field or any other field on the core Item Content Type or any other core Content Type.

All company content must be stored on the Intranet, Department, Project or Team sites, not on My Sites. My Sites are for limited private information only.

Under NO circumstances may anyone leverage Enterprise Features or build and deploy Forms Services, Excel Services, BCS’s or Report Centers without prior approval from IT as these components require additional support and expertise to properly implement. No-one may create "Administrator Approved" InfoPath forms without following the IT SharePoint Development Standards.

No-one may do custom development with an internal or external developer without following the full change control and SDLC process and SharePoint Development Standards. Custom development is anything that needs to be compiled and deployed to the SharePoint Platform.

2.8 Escalation ProceduresSooner or later someone is going to break the rules and put something “illegal” on the platform, or refuse to follow best practices or governance rules. There needs to be an escalation procedure for this.

Page 5


Any 3 violations of the governance policy will result in all access being revoked from the platform and reinstatement will need to be submitted in writing which needs to be approved by the governance team first.In the event of business users or administrators experiencing issues, the escalation process will be as follows: The business users or administrators should contact the IT Support Line (IT Help Desk). If the IT Support personnel cannot resolve the issue, then they will contact the SharePoint Administrator who will follow up on the issue.

Page 6


3 DEFINITIONS AND ACRONYMS

List any new terms or abbreviations in the document that business users are not likely to have heard before.

Term Description

Site Collection

A Collection of SharePoint Sites that share content and permissions. Each set of sites have the same owner and share administration settings. Each site collection contains a top-level Web site and can contain one or more sub-sites. There can be multiple site collections on SharePoint Farm.

Site The Top-Level site in a SharePoint Site Collection.

Farm A centralized grouping of Network Servers. A SharePoint Server Farm may Host Several SharePoint Related Services

SDLC Systems Development Lifecycle.

SharePoint A Web based platform framework providing collaboration and content management. The framework can be used to create web based solutions that map back to business processes.

WSP Windows SharePoint Package. Custom coded solutions that when deployed to a Farm provides additional or unique functionality.

Feature A Set of Activities or Functions that when enabled, wakes up new SharePoint functionality.

Web SharePoint Sub-Site contained in a Site Collection.

InfoPath Client-Side (Office) Tool for creating Electronic Forms.

My Site

A single page portal that contains the user personal sites links, etc. My Site consists of both a public and private view. The private view is intended as a personal workplace for the individual end user. The public view, on the other hand, acts like a business card that can be accessed by other portal users. You can see the different views by clicking either Private or Public under the Select View list.

Content Type

A content type is a reusable collection of metadata (columns), workflow, behaviour, and other settings for a category of items or documents in a SharePoint list or document library. Content types enable you to manage the settings for a category of information in a centralized, reusable way.

Site ColumnA reusable list column (Metadata). Site columns can be applied to Content Types which are attached to a List, or added directly to a List.

MetadataThe properties associated with a document. Metadata can be system-defined, such as file size or modified date, or user-defined, such as author or title.

Master The single document that defines the “One Version of the Truth”.

Page 7


Term Description

DocumentHaving a Master document eliminates multiple versions of the same document which can cause confusion as to which document is the real or final version. SharePoint handles versioning in Lists and Libraries, but only shows the latest document in the List view.

PropertyAn element of metadata for a document profile. Each document profile has multiple properties. Properties can be system-defined, such as file size or creation date, or can be user-defined, such as title or keywords. See also: metadata

IT Information Technology

Page 8


4 RESOURCES

4.1 Team Roles and ResponsibilitiesThe SharePoint environments will be managed by two teams: a strategy team and a tactical team. Regardless of what name we ascribe to these teams, they will play distinct roles and have distinct responsibilities. For the purposes of this governance plan, the teams are defined as follows:

4.2 People

Strategy Team

Serves as the primary governance body with ultimate responsibility for meeting the goals of the business. This team provides strategic business insight, direction and prioritization for the portal and is comprised of representatives of each of the major businesses represented including Corporate Affairs, and IT. This small team will provide strategic insight and direction for the SharePoint. A business, technology, and geographically diverse representation are ideal. Membership is temporary and volunteer. This team consists of appropriate business owners willing to provide strategic insight and direction for the platform, and able to drive strategic initiatives into their respective organizations. Resources represent a good balance between business and IT, and also centralized control vs. decentralized empowerment. This team is a small, living team reconstructed on a quarterly basis with new volunteers to maintain a fresh perspective on the business and exploit the collective wisdom of the company.

Location Department Contact Contact Email Contact Phone

Pittsburgh Executive <Name>

Pittsburgh Information Technology <Name> ∆

Pittsburgh Information Technology

Finance *

Sales & Marketing *

Page 9


Human Resources *

Legal & Compliance

Operations *

Administration *

Communication *

Technical *

Security* Temporary Members, rotated out∆ SharePoint Administrator

Tactical: Operations Team

This team will provide operational (IT-related) support and maintenance for the system infrastructure. Membership is more or less permanent and required. Infrastructure (IT) resources provide operational support for the system as they help to ensure the enforcement of the governance plan and manage the more routine maintenance of the system by performing nightly backups, usage monitoring and analysis, scheduled task validation, and keeping the system current with security releases and system upgrades.Location Department Contact Contact Email Contact

PhonePittsburgh Information TechnologyNew York Information TechnologyPittsburgh Information Technology <Name>Pittsburgh Information Technology <Name> ∆

New York Information Technology <Name> ∆

∆ SharePoint Administrator

Tactical: Support TeamThis team will provide support of the SharePoint applications to end users. Membership by business owners is semi-permanent; expected, but not required. Regional Support Members and all end users will rely on business membership.

SharePoint site owner’s, help desk personnel, and other various support resources create an effective support system with proper channels of escalation for end users of the SharePoint environments. This team handles application questions, bugs, and other problems requiring issue resolution.Location Department Contact Contact Email Contact

PhonePittsburgh

Page 10


New York∆ SharePoint Administrator

Tactical: Development TeamThis team will customize, personalize, and use SharePoint in a manner that fulfils the business opportunities as identified by the strategy team. Membership is assigned by member’s business unit on either a permanent or ad hoc basis.

Technically talented people both willing and able to customize, personalize, and use SharePoint in a manner that fulfils the business opportunities as identified by the strategy team. This team is a loosely-knit community of developers with varying degrees of proficiency in software development.

Members can range from highly skilled programmers to technically savvy end users in charge of personalizing departmental team sites. Skilled developers will handle large change requests, new features, and program management while ensuring adherence to standards.Representing Area Contact Contact Email Contact PhoneInformation Technology <Name> ∆

Information Technology <Name> ∆

∆ SharePoint Administrator

Strategy TeamRole Provide strategic insight and direction for the platform.

Who* Appropriate business owners worldwide representing a good balance between business and IT, and also centralized control vs. decentralized empowerment.

Responsibilities

Be willing and able to drive strategic initiatives into their respective organizations

Volunteer for a six month service rotation to maintain a fresh perspective on the business and exploit the collective wisdom.

Seek answers to the following: How do we improve business processes and how do we deliver on that? What structures need to be in place to deliver this value? What areas of the business offer the most opportunity for growth? How can we align our activities with the goals of the business? Are there synergies that can be created between divisions and

departments? What groups are doing similar initiatives and how can we help? What ways can we reduce inefficiencies and duplication?

Visionary – survey the platform landscape, developing and directing its future direction Evangelist – serve as cheerleader for the platform technology and what it can do for the

business User adoption – facilitate user adoption via focused, one-on-one tutorials (primarily with

executives who don’t have time to sit thru training programs), incentive programs (for best collaborative sites, etc.), and feedback surveys.

Training – as primary trainer for SharePoint, will hold regular training sessions for advanced users and site administrators.

Page 11


Support – serve as top level support for site administrators (infrastructure support will be provided by IT).

Business Analyst and Developer Liaison – meet with business leaders to gather requirements for new SharePoint projects and manage development efforts of development team.

Tactical: Operations TeamRole Provide operational (IT-related) support and maintenance for the system

infrastructure.

Who Infrastructure (IT) Resources; Central IT, & Local Operations Teams.

Responsibilities

Help ensure the enforcement of the governance plan Manage routine maintenance tasks such as:

nightly backups usage monitoring and analysis scheduled task validation keeping the system current with security releases and system upgrades

Tactical: Support TeamRole Provide support of the SharePoint applications to end users.

Who SharePoint site owners, help desk personnel, and other various support resources worldwide.

Responsibilities

Create an effective support system with proper channels of escalation Respond to application questions, bugs, and other problems requiring issue

resolution. Provide typical SharePoint administration roles such as:

Provisioning site for end users Assigning security permissions to users and groups

Tactical: Development TeamRole Customize, personalize, and use SharePoint in a manner that fulfils the business

opportunities as identified by the strategy team.

Who Technically talented people worldwide. Members can range from highly skilled programmers to technically savvy end users in charge of personalizing departmental team sites.

Responsibilities

Skilled developers will handle large change requests, new features, and program management while ensuring adherence to standards.

Develop customized and personalized solutions for departmental team sites and divisional SharePoint sites.

4.3 Individual Roles and Responsibilities

Information Technology RolesRole Responsibilities and Permissions Required Candidate

Page 12


Tasks Skills ExampleSystem Administrator

Responsible for platform infrastructure (hardware, OS, etc.) Security / permissions Backups / restoration Initial support; train and assign a

resident SharePoint expert for WSS admin.

Disseminate general SharePoint info

Teach SharePoint Meet w/ business on "how-to"

accomplish tasks Manage file size limits or quotas Initial configuration of WSS

(Central IT)

Has SharePoint Administrator rights

Has site collection access

Will have access to SharePoint and site configuration settings, but should not make any changes without the SharePoint Administrators permission

SharePoint Administration

Windows Server Administration

SQL Server Administration

Networking

Information Technology Professional

SQL Administrator

SQL backups and restores Has no SharePoint or WSS administration rights

SQL Server Administration

SQL DBA

Infrastructure Resource(s)

Responsible for the acquisition, installation and maintenance of the hardware infrastructure. Provide day-to-day operation

support to SharePoint Team Review existing infrastructure

setup, develop best practices and operation guidelines

Networking Configuration Permissions

Network Administration

Domain Administration

Corporate or Regional IT, Communication and Network Engineers, Network Security Engineers.

Active Directory Resource(s)

Responsible for ensuring the SharePoint is leveraging AD appropriately. Assist with Setting up the

SharePoint to use AD for authentication

Assist in synchronization of SharePoint with AD

Active Directory Write Access Permissions

Active DirectoryDomain Name Services (DNS)

Active Directory architects.

Page 13


SharePoint RolesRole Responsibilities and

TasksPermissions Required

SkillsCandidate Example

SharePoint Administrator

Responsible for global SharePoint and WSS configuration, shared services, policies, procedures, and SharePoint vision.

Configuration of SharePoint

Total access to the entire SharePoint areas and all sites.

Total access to SharePoint and site configuration settings.

Has no system administrative or SQL administration rights.

SharePoint Administration

SharePoint Topology Architecture

Corporate or Regional IT SharePoint Farm Administrator

Area Owner / Administrator

Responsible for SharePoint area content. Manage security Create sub-areas Example: News Area will be

managed by the Communications department.

Content creation

Site and Web Permissions

Has no Site Collection MasterPage and Page Layout rights.

Online Publishing

SharePoint Security

Communications Lead; other high-level Corporate publishing lead.

Site Collection Administrator

Responsible for site provisioning of all sub-sites; responsible for administering and maintaining site. Manage security for all sub-

sites

SharePoint Site Collection Permissions

SharePoint Publishing

SharePoint Security and Permissions

Content Management

Advanced SharePoint Features

Typically a Site Owner with elevated security rights; a Departmental site admin; anyone in the company with the required SharePoint security knowledge; typically this person would also be the site owner if they are responsible for content.

Site Owner Primary and Secondary site owner. Manage the site layout (look

and feel), structure, and content.

Content creation.

Grant access to this site, but not sub-sites.

Web designer permissions.

SharePoint Security and Permissions

Content Management

Departmental head; team lead; end user; anyone requesting a site for a business purpose.

Web Designer Branding, Page Layout and Graphics design

Site Collection Administration

HTML, MasterPage and Page Layout design. Graphics development

Web Designer, Graphics Designer

Contributor Read, Write and Deletion of Content

Site Member Permissions

Content Management

Site or Web Member providing content creation

Reader Reader or Viewer of content Has read-only access to content

Web Browser Navigation

Site or Web Visitor

Social Media Moderator

Moderate content created by end users for accuracy and …

Wiki, Blog, Discussion Board owners.

Taxonomy Administrator

Manage the Global Information Taxonomy, Global Navigation, Keywords, Best Bets

Managed Metadata Administration

Managed Metadata, Search Administration

SharePoint Administrator’s, Intranet Administrators

Page 14


Business RolesRole Responsibilities and Tasks Required

SkillsCandidate Example

Executive Sponsor

Serves as the executive level “champion” for the portal. The primary responsibility of the Executive Sponsor is strategic, positioning the solution as a critical mechanism for achieving business value and helping to communicate the value of the solution to the management levels of the organization

Overview of SharePoint capabilities. Budget Management.

Encourages platform adoption

Business Lead (could include IT)

SharePoint Lead Architect

Responsible for translating business needs addressed by the Strategy Team into initiatives for the SharePoint and coordinating SharePoint Administrator efforts. Gather initial business requirements Design the initial architecture for successful

development Provide architectural guidance to development Lead consulting team for initial release Manage project risks, and escalate incidents to

the team as necessary Work with the Infrastructure Team to develop

infrastructure and operation best practices Work with System Administrators to develop

best practices

Systems analysis

Networking IT research Strategic

planning Project

management Group

leadership Resource

planning

This is a business role who understands the company and how the platform can support business needs.

Developers Responsible for building the framework and features of the SharePoint. Build the SharePoint look and Feel Modify SharePoint Templates as Needed Build New Web Parts Write ASP.Net Code Participate in Design Tasks as needed Participate in Development and Testing as

needed

Systems analysis

Programming

.NET and SharePoint developers. Power Users.

Application Resources

Responsible for SharePoint applications and third party applications. Build and maintain applications or web parts

that leverage KPI data Business Intelligence, Reporting, Dashboards,

and data analytics.

Financial analysis

Metric design Technical

understanding

Market research

Business Professional/Power User

Business Analysts

Responsible for communicating with the business to gather requirements and translating them into business solutions.

Financial analysis

Metric design Technical

understanding

Typical B/A who understands the Platform’s capabilities

Business Owner

Responsible for owning and directing a specific piece of the SharePoint, relevant to their business unit, department, or team.

Strategic planning

Departmental head, team lead, or end user having responsibility of a business problem; typically

Page 15


Role Responsibilities and Tasks Required Skills

Candidate Exampledepartmental head or higher.

Content Creator

Responsible for content creation. Web Publishing

Site Contributors

Legal Responsible for SharePoint and content compliance with legal mandates. Assist with compliance policy creation Educate users on compliance law Audit and enforce compliance.

Knowledge of compliance laws

Corporate Legal and Security

4.4 How To Get InvolvedEmployees interested in becoming a member on any of the SharePoint support teams (Strategy, Operations, Support, or Development) should look for a link on SharePoint that takes them to the SharePoint Governance site. Employees will be able to volunteer their services on this site. Alternatively, Employees can contact any of the SharePoint Administrators directly.

Page 16


4.5 EquipmentThe following equipment is subject to this governance plan except where existing IT governance policy dictates otherwise. In cases of discrepancy, the existing IT governance policy will prevail. Unless otherwise noted, all equipment is located in Denver, USA where the time zone is GMT -7.Production Server Farm (Physical & Virtual Servers)Server Role Server Name (FQDN) IP AddressWeb Front End 1 (WFE1)Web Front End 2 (WFE2)Application Server 1 (APPS1)Application Server 2 (APPS2)SQL Server 2012 (1)SQL Server 2012 (2)SQL Server 2012 SSRS (1) SAN Array (1)SAN Array (2)

Staging Server Farm (Physical & Virtual Servers)Server Role Server Name (FQDN) IP AddressWeb Front End 1 (WFE1)Web Front End 2 (WFE2)Application Server 1 (APPS1)Application Server 2 (APPS2)SQL Server 2012 (1)SQL Server 2012 (2)SQL Server 2012 SSRS (1) SAN Array (1)SAN Array (2)

Development Server Farm (Physical & Virtual Servers)Developer Server Name (FQDN) IP Address<Name> <ServerName>.Contoso.com xx.xx.xx.xx<Name> <ServerName>.Contoso.com xx.xx.xx.xx

4.6 LocationsThis governance plan covers all SharePoint usage for the Corporation worldwide. The following locations are governed by this plan:Location Notes<Location Name><Location Name>(All Plant and Office Sites) Not all employees will have access directly from these locations. VPN may be

required.

Page 17


5 GOVERNANCE HIERARCHY

5.1 SharePoint ManagementThe SharePoint environments will be managed via a top-down approach out of two geographically dispersed regions: North America and Europe. Environments to manage will be both IT infrastructure operations and the SharePoint application usage. Each region will have an IT resource and a SharePoint resource. Regions are ultimately governed by the SharePoint Strategy Team. Additionally, each site will have its own local administrator—typically the Site Owner/Administrator—who will manage SharePoint locally and escalate issues up to the regional resource as necessary.

5.2 SharePoint GovernanceThe SharePoint Strategy Team will provide a unified, centrally governed approach to the SharePoint environments. This team is the overriding authority for all architectural, design, and development decisions, including all policies and procedures created for the SharePoint environments. IT will strongly influence foundational and framework-related issues.

Governance will be tightly controlled in areas where there is substantial public exposure in terms of readership (whether internal or external) or potential litigation issues. In areas with limited readership or public exposure, governance will be less controlled and allow for a more de-centralized empowerment of end users. IT will generally defer to the business’ direction or influence for features and content-related issues.

The following areas will be considered by the SharePoint Strategy Team for inclusion in this governance plan:

A network user account (Windows Account) is required to access SharePoint. Internal users, internal data sources, and inputs/outputs. Personal, team, departmental, divisional, corporate, global considerations. Subsidiaries and Affiliates: Technologies, processes, logistics, and finances. Cultural, political, language, religious, social, economic, and gender forces and

influences.

5.2.1 Site GovernanceDormant sites will be deleted, disposed or archived after 3 months of inactivity. Inactivity is considered as content that has not been updated. A communication will be sent to the relevant site owner advising of the deletion first. If no response is received from the site owner, the site will be archived, and then deleted from the farm. A new site request form will need to be completed should the requirement arise in the future.

5.2.2 Content Governance

What follows are merely suggestions as a starting point for defining your SharePoint legal and accountability standards. Realistically your standards might vary quite a bit depending on your industry, SharePoint usage and compliance needs.

SharePoint Legal, Compliance and Accountability Standards

Existing standards and policies which relate to the use of technology in the enterprise still apply.

Page 18


o This includes acceptable use, privacy, copyright, records retention, confidentiality, and content security.

o Do not post content that we do not own the legal right to post electronically, including scanned images of journal articles or other documents from sources to which our organization does not have online publishing rights. A link may be created to this content on the content owner’s Web site.

Copyright violations can be very costly to our business.

Content Contribution and Ownership

Site Owners are accountable for ensuring that the content posted on their pages is accurate and relevant and complies with Legal, Compliance, Accountability standards, and content/records retention policies.

o While Site Owners are accountable everyone has a shared responsibility of ensuring content is accurate, relevant, current, and appropriate.

Only post content that you “own” on a collaboration site or on your My Site. Ownership means that the document is or was created by someone in your department and your department is committed to maintaining the content for its entire lifecycle. If a document is not owned by your department but access to the document is needed on your site, ask the owner to post it and then create a link to it on your site.

o This improves how current or up to date content will be and reduces the potential of having multiple copies of the same document throughout SharePoint confusing search and adding extra layers of document management.

o An exception to this rule may be if a source and target relationship is created through the use of send to functionality. In this way the chances of ‘copies’ being out of date has been reduced.

Edit content in place. Don’t delete documents to create new ones. o Because content contributors on one site may have a link to content on a

site they don’t own, it is important to have a standard reminding users to “edit documents in place” so that links do not break.

Folder creation in libraries should be avoided at all possible. Consider using Document Sets as a replacement.

Always provide a “Title” when creating or uploading documents. This provides the basis for Search.

Use shorter names for sites, folders, lists, and documents and control the depth of the site and folder structures to reduce the lengths of URLs. Always provision these assets using a short naming convention (without spaces or special characters) and then renaming the label (Title) after the asset has been provisioned (Created).

o There are length restrictions which can have a significant impact if not planned for with careful naming: http://technet.microsoft.com/en-us/library/ff919564.aspx.

Content Security

For standards related to content security see our SharePoint Security Policy.

Discussion Boards and Internal Forums

Must have a champion who will also serve as the discussion board moderator.

Page 19


o It is this individual’s responsibility to ensure questions are answered, that the discussion board is adding value and to help the facilitation and categorization of discussions to improve readability and response.

Use of Language There will be ten languages provided for use on the SharePoint Platform. (English,

Spanish, French, Czech, Slovak, Romanian, Serbian, Hungarian, Dutch, Turkish) The use of the Variations feature can be used to provide the same publishing

content in these languages.

Document Standards

File names should be topical and descriptive. Avoid using spaces or special characters when creating or uploading documents.

Replace spaces with “Underscores”. This helps avoid broken links when e-mailing document links.

Avoid the use of dates or version numbers in file names whenever possible. Use the Built-In Versioning feature instead.

Reduce file size whenever possible. No files over 100mb should be stored within SharePoint.

Homepage Standards

All content displayed on the homepage must be approved by an appropriate subject matter expert as well as the homepage administrator.

o In order to be fair in determining what content should be on the homepage it’s important to follow an approval process for homepage content. This is the most visited page in our SharePoint implementation so it’s important to carefully consider design, usability, and applicability of the content before it is posted.

5.2.3 Layout and Design Governance

Navigation

Core navigation changes to the top navigation bar of the home site must be approved by the Taxonomy administrator.

Whenever possible the navigation should not be nested more than 3 levels deep.

Page Design and Layout

All pages should render at minimum on 1024 by 768 screen resolutions with no horizontal scrolling.

o Whenever possible vertical scrolling should be avoided by splitting the content into multiple pages.

The most important content should be in the top left most region of the page. o Since readers read left to right and top to bottom this is where they will

look first and should be where the most prominent/important content on any page should begin.

Light fonts on light backgrounds and dark fonts on dark backgrounds should never be used on any pages or articles of content.

Page 20


Pictures and Media

Any added pictures should have alt tags defined for them. If possible all video content should have an available transcript. It is important to follow all existing individual consent policies when including

pictures of other people in any SharePoint site.

Ratings

Content ratings represent how useful the content was to you. In our organization a piece of content rated as 5 is very useful, where as a rating of 0 or 1 would denote that it was not useful to you.

Providing a rating on content will improve “Rank Coercion” which improves weighting on Relevant Searches.

Rich Text and Page Content

Do not underline anything that is not a hyperlink, instead using a bold typeface.

Links

Make any link text concise and descriptive so that it is clear and easy to read what the link references.

o Bad: Click here for the latest application form o Better: Download the latest application form o Best: Download the latest application form

Links to documents or pages within the site collection should not open in a new window.

Links to documents or pages in another site collection should open in a new window.

Links outside the intranet (to another application or external site) should open in a new window.

Site Standards

Every SharePoint Site must have an identified sponsor/owner. Further roles can be identified such as a site administrator, security administrator, or content manager for any specific site.

A review of each site must be conducted at a minimum of every 12 months with the sponsor/owner as well as any other relevant site roles. This review must ensure that site content is accurate, relevant, and current.

o A checklist to assist the site review process will be provided to you upon creation of the site and can be downloaded at the following location: http://intranet/sites/Governance/Downloads/SiteReviewCheckList.docx

All SharePoint sites should have a primary and secondary contact responsible for the site and its content.

The site contact(s) should be listed on the site homepage where (if possible) their names link to their respective profile pages. The email address of each contact should also be displayed to simplify and encourage contact with them.

New site requests must follow the defined site provisioning process found here: http://intranet/sites/Governance/Downloads/SiteProvisioningProcess.docx

o Content Ownership and Site Ownership must be assigned before a site can be provisioned.

Page 21


o Any significant security requirements must be identified. o Storage and growth expectations must be identified.

Sites should have short descriptive names without spaces or special characters. o Use shorter names for sites, folders, and documents and control the depth

of the site and folder structures to reduce the lengths of URLs as there are length restrictions which can have a significant impact: http://technet.microsoft.com/en-us/library/ff919564.aspx.

o Avoid the use of spaces, or special characters as they add extra length to the URL of content when encoded.

Communities of Practice (CoP)

Whenever possible a community site should have at least 200 to 300 members.o This helps ensure that there is a large enough group of people to keep the

community site fresh, active, and that personal connection/communication isn’t as viable (based on the size of the collective).

Authors Note: Microsoft has stated this a few times for many reasons around growth, activity, and other reasons. However that doesn’t mean a smaller community wouldn’t have potential value.

Communities should have at least one clear designated moderator.o The moderator will be responsible for clarifying the community’s purpose,

when possible aggregating responses into best replies, re-categorizing mistakenly categorized questions or discussions, managing reported content, and managing badges/rewards.

o Moderators should have a simple ‘Moderator Badge’ using the badge functionality of the SharePoint community applied to them (allowing for easier identification).

All categories within community sites should have an image or Logo associated with them that represent the category.

Depending on how sites are provisioned, tracked, and managed it may be important to note the type of community site clearly for each community site. This enables easier management, and coordination around communities.

o There are four types of community sites Private - available only to invited members. Closed - read for all but only approved members can contribute.

The owner gets an action request when someone wants to join or auto-approval can be enabled.

Open with explicit action required to join (i.e. users click the "Join this community" button).

Open with no explicit requirement to join. Anyone can participate without joining. Without joining, however, there is no automatic following of sites.

If a question has been answered, but a best reply isn’t clear to the poster – they should contact the moderator to assist in compiling a best reply answer that is an aggregation of the answers.

An additional view of “No Replies” should be created to assist users in finding unanswered questions, or discussions that have not been followed up to improve awareness.

Social Tagging

Socially tagged content is still security trimmed. That means that any socially tagged content will only be shared and available to other people who can already see that content.

Page 22


Tags should add to the value of the content. Use words that help identify it, or describe what you found to be positive about the content. Here are some examples sectioned into the two types of tags.

o Identification Project XYZ Marketing Schedule

o Positive Excellent Comprehensive Good Case Study

It is entirely acceptable to tag content the same way that someone else has already tagged it.

It is entirely acceptable to tag content with a phrase or word even if that content has a column value specifying the same thing.

Negative tagging is not allowed in our organization. Instead or alternatively identifying words should be used.

o Acceptable Outdated No Longer Relevant Incomplete Missing References or Research

o Unacceptable Prehistoric Thinking Bad Case Study Garbage Profanity

News Feed

Avoid split posts to the newsfeed based on length limits (meaning if you have more to say than 512 characters consider a discussion or other medium for capturing/sharing).

“Everyone” or Public Newsfeed Posts are not security trimmed (meaning everyone can see these posts, links contained within them, or other post information).

o Automatically generated posts are security trimmed (where appropriate).o Site newsfeed posts are security trimmed based on the site’s security.

Negative #Hashtags are not allowed in our organization. Instead or alternatively identifying words should be used.

o Acceptable Examples #Help #Marketing #Boston #LessonLearned

o Unacceptable #Fail #MarketingSucks #Profanity #Stupid

User Profiles

Page 23


You are responsible for updating and maintaining any personal information you would like to share on your profile.

You are responsible for ensuring that any information you share on your personal profile is targeted and secured in the way you want it to be.

o The privacy options available to you are: You only (Private) Your manager (Manager) Your workgroup (Organization) Your colleagues (Contacts) Everyone (Public)

“About Me” can and should contain any relevant information that you believe will be beneficial to share and highlight about yourself. Here are some examples of About Me descriptions to help clarify what you could share.

o “I have been a Quality Engineer with our company for over 10 years. I spend most of my time coming up with effective methods of stress testing, and verifying the quality of our products. I live in Boston, MA with my two daughters, my dog, and my wife and run a community hack space (where we take apart things and see how they work and build new things out of them).”

o “Designer Extraordinaire: I work with our Marketing department and other areas of the business on everything relating to design including Print, Web, and Interactive.”

o “Currently I am on contract and working with HR. I am currently enrolled in my third year of a MBA program at the Boston University’s School of Management. I have so far been involved in our new Microsoft Technology Training initiative, our corporate wide succession planning initiative, helped drive the implementation of our coaches’ corner and mentoring system and many more great projects.”

Apps

SharePoint Apps is a new concept in SharePoint allowing you to purchase and download pre-built applications from the SharePoint App store.

When you visit the SharePoint store you may view apps that interest you, but will be unable to purchase or download these apps directly. Instead you will need to fill out an app request which will be reviewed and the app team will try their best to meet your underlying needs.

5.2.4 Security Governance

Environmental Security Standards

Separate accounts must be used for different services and processes. No executing service or process account may be running with local administrator

permissions. All Servers are managed by IT in a secure server room on premises.

Content Security Standards

Customizing item level permissions should be avoided whenever possible. Assigning individual user permissions should be avoided whenever possible.

Page 24


Group and Permission Management

Each group must have a clear description which lists its purpose and the reasoning behind its creation.

Create a custom group when: o You have more (or fewer) user roles within your organization than are

apparent in the default groups. For example, if in addition to Approvers, Designers, and Hierarchy Managers, you have a set of people who are tasked with publishing content to the site, you might want to create a Publishers group.

o There are well-known names for unique roles within your organization that perform very different tasks in the sites. For example, if you are creating a public site to sell your organization’s products, you might want to create a Customers group that replaces Visitors or Viewers.

o You want to preserve a one-to-one relationship between Windows security groups and the SharePoint groups. For example, if your organization has a security group called Web Site Managers, you might want to use that name as a SharePoint group name for easy identification when managing the site.

o You prefer other group names because it adds clarity/improves the group’s usability/applicability.

If the default groups are not being used, remove them from the SharePoint site to improve group management and mitigate incorrect group assignment.

Do not customize the default permission levels. o A valid alternative is to create a copy of a default permission level and to

modify the copy. o You should create new permission levels (using the method above) if:

You want to exclude several permissions from a particular permission level.

You want to define a unique set of permissions for a new permission level.

Using Active Directory Groups vs. SharePoint Groups

Managing SharePoint Security is accomplished with SharePoint Security groups. These groups can contain Active Directory groups or Individual Active Directory members or a combination of both. Always add Individual Active Directory members or Groups to SharePoint Groups, never add these explicitly. There is no set rule on when to use Active Directory groups over Individual Members. Active Directory groups are the preferred method when working with many users on a site as this improves performance of search crawls and is the typical method for Intranets. Team Sites are typically either use Individual Active Directory Members as they are typically smaller in size and can be managed by the Site Owners themselves.

The default SharePoint groups should NEVER be deleted or modified. This is the same rule for SharePoint Permission Levels. Instead, create new SharePoint Groups and assign them the appropriate permission levels.

The following table lists the default permission levels for team sites in SharePoint 2013.

Permission level Description

Permissions included by

default

View Only Enables users to view application pages. The View View

Page 25


Only permission level is used for the Excel Services Viewers group.

Application Pages

View Items View Versions Create Alerts Use Self

Service Site Creation

View Pages Browse User

Information Use Remote

Interfaces Use Client

Integration Features

Open

Limited Access

Enables users to access shared resources and a specific asset. Limited Access is designed to be combined with fine-grained permissions to enable users to access a specific list, document library, folder, list item, or document, without enabling them to access the whole site. Limited Access cannot be edited or deleted.

View Application Pages

Browse User Information

Use Remote Interfaces

Use Client Integration Features

Open

Read Enables users to view pages and list items, and to download documents.

Limited Access permissions, plus:

View Items Open Items View Versions Create Alerts Use Self-

Service Site Creation

View Pages

Contribute Enables users to manage personal views, edit items and user information, delete versions in existing lists and document libraries, and add, remove, and update personal Web Parts.

Read permissions, plus:

Add Items Edit Items Delete Items Delete

Versions Browse

Directories

Page 26


Edit Personal User Information

Manage Personal Views

Add/Remove Personal Web Parts

Update Personal Web Parts

Edit Enables users to manage lists.

Contribute permissions, plus:

Manage Lists

Design Enables users to view, add, update, delete, approve, and customize items or pages in the website.

Edit permissions, plus:

Add and Customize Pages

Apply Themes and Borders

Apply Style Sheets

Override List Behaviours

Approve Items

Full Control Enables users to have full control of the website. All permissions

If you use a site template other than the team site template, you will see a different list of default SharePoint permission levels. For example, the following table shows additional permission levels provided with the publishing template.

Permission level Description Permissions included by default

Restricted Read

View pages and documents. For publishing sites only.

View Items Open Items View Pages Open

ApproveEdit and approve pages, list items, and documents. For publishing sites only.

Contribute permissions, plus:

Override List Behaviours Approve Items

Page 27


Manage Hierarchy

Create sites; edit pages, list items, and documents, and change site permissions. For Publishing sites only.

Design permissions minus the Approve Items, Apply Themes and Borders, and Apply Style Sheets permissions, plus:

Manage permissions View Web Analytics Data Create Sub sites Manage Alerts Enumerate Permissions Manage Web Site

5.3 Development GovernanceThis section really falls under IT governance of SharePoint. You don’t necessarily have to go into these lengths in the business version, but you do want to mention at least that all custom development is subject to IT rules and approval.If your organisation is large enough to warrant proper development with dedicated teams, then the following is required to manage that. You don’t want users just dropping things on the platform at will. Some vendors will attempt to bypass governance rules through the business users. Make sure the development rules are properly communicated to users. In SharePoint it’s easy to put custom developed solutions onto the platform using Sandbox Solutions if they have the correct rights. Establish rules around that.SharePoint hosts both out of box collaboration solutions as well as business critical applications. The stability of the environment is at threat with custom developed solutions, and for that reason, all development is very strictly governed. Custom solutions using Enterprise Features also have licensing implications and need to be approved by IT. Regardless of whether the development is done in-house or by external vendors, and irrespective of the type of development; all the following procedures described need to be adhered to.

5.3.1 Procedures for a Fully Customized Solutions

A Technical Impact Assessment must be completed by the business unit and / or Sector Portfolio Manager and submitted to IT which will assess amongst other considerations, licensing and capacity implications. Formal feedback on the assessment will be provided.

The business unit engages with its Project Manager to ensure that the request for a solution is formally documented in a Business System Specification.

The Project Manager must be engaged for all development projects. When necessary, he will appoint an analyst and decide what development effort is required to build the required solution.

The Project Manager arranges a cost estimation exercise to give to the business unit, along with the findings from the Technical Impact Assessment.

It is the business unit’s responsibility to secure the necessary funding for their requirements and register a formal project.

If sufficient IT resources are not available to develop the solution within the business expected delivery timeframe, then the Project Manager will at his discretion

Page 28


outsource the development of the solution to an IT approved SharePoint solution provider.

The Project Manager must formally notify the business unit of the expected timeframes so that user expectations can be managed.

The assumption must always be that the team developing the customized solution will not be the team supporting and maintaining the solution. To this effect it is a non-negotiable requirement that systems documentation must be produced describing the components that enable the specialization and customization of the solution.

Where an external vendor has been selected to do the development, a company Production Support person must be assigned to the project team to facilitate future support. The project must be managed by a company Project Manager.

All SharePoint development must be done under the auspices of IT. Under no circumstances may a business unit engage directly with SharePoint solution providers without the authorization or permission of IT.

It is mandatory that all custom development be presented to the IT design forums for approval.

At the User Acceptance Testing stage the solution needs to be load tested to ensure that the impact on the SharePoint infrastructure is predictable. IT can be called on to assist for this.

All newly developed sites must conform to the Intranet standards for look and feel. Any look and feel changes away from the approved theme must be approved by

Group Marketing’s branding team first; then implemented with the full SDLC process. All themes must be correctly packaged.

5.3.2 Procedures for Third Party Software Installations

All third party products need to be evaluated by IT. If the product is deemed appropriate, IT will request approval from the Software

Standards Council to get the product to the software list. If the vendor is not on the preferred supplier list, they must be placed on the

vendor application process first. The initiating business unit needs to provide funding for the software. The software then needs to follow the SDLC process before being deployed to

Production.

5.3.3 Procedures for Intranet Changes

These are configuration changes or may change the way the Intranet is presented and structured, i.e. the classification of sites and the site hierarchy. The navigation of the Intranet may be affected.

This development is done by the Intranet team. The activities required will be developed on a Test / Development site and the

necessary steps documented. The Intranet Team will raise a service request to have the changes implemented

and are also responsible for communicating the impending changes to the affected user community.

Page 29


The Server Team will use the documentation provided to effect the changes in the Production environment with the necessary change control procedures.

Feedback to Intranet will be provided by the Server Team when the implementation is completed.

Page 30


Governance Model

Taxonomic Section

Characteristics Owners

Corporate SharePoint

Permanent Controlled; tightly governed Push information to users Dashboards, Business Intelligence, BPM Applications, Content

SharePoint administrators

Corporate stakeholders

Divisional SharePoint’s

Permanent Controlled; tightly governed Push information to users All public sites - content is divisional

information Dashboards, Business Intelligence, BPM Applications, Content


Divisional business owners

Department and Team Sites

Permanent and Temporary Sharing information (push / pull) Collaboration Ad hoc, lax control

Divisional business owners

Departmental business owners

Project Team Sites

Short lived, timed expiration Collaboration Ad hoc, lax control

Departmental business owners

Personal My Sites

Permanent Personal info Pull information Ad hoc, lax control


Employees

Page 31

Int rane

SharePo int Deve lopment T

SharePo int St rateg

SharePo int Operat ions Team

SharePo int Suppor t Team


6 OPERATIONS POLICIES

System Administration

TasksManage SQL Databases and Available Storage SpaceBackup and Restoration schedules and audits (list what to backup and where)Auditing of security logsMonitoring: Usage analysis and Tuning; automatic monitoring (MOM) and event notifications.Maintenance of the servers (service packs, etc.)Set and manage quotas for sitesProvide self-support for hardware and software. Where escalation is required, escalate through normal channels (third party vendors and partners).

DocumentationDocument the installation and configuration of the system in its environment. The system must be documented well enough so as to be reinstalled and reconfigured to last known good operating standards, should it become necessary to do so.Document and maintain a document of Scheduled Tasks.Document the IT Support Team and Escalation points of contact.Document the installation and configuration of the system in its environment. The system must be documented well enough so as to be reinstalled and reconfigured to last known good operating standards, should it become necessary to do so.

PoliciesDisaster RecoverySharePoint recovery must provide a full recovery from last backup. Recovery of lost sites will be to the current state of the site at the time the last backup was done.Regional WSS sites are limited to true disaster recovery (i.e., no item level recovery) until WSS v3.0 is released and implemented.HardwareAccess to and governance of hardware is subject to existing IT policies.Hardware will be kept up to date with latest service packs and security updates.Adhere to policies created by SharePoint Administrators and the SharePoint Strategy Team.The general purpose server should be used for File, Print, and SharePoint only.Change ManagementCommunicate with all SharePoint Administrators as defined in the Roles and Responsibilities, any required changes to infrastructure components prior to performing any changes.Communicate with all SharePoint Administrators any proposed changes to the software application, including custom web applications or web parts.

Scheduled TasksThe system provides for some self-maintenance in the form of scheduled tasks, those

Page 32


tasks that run automatically and unattended on a routine, scheduled, basis.There is a need to coordinate the timing of the scheduled tasks to ensure no conflicts of scheduled tasks.Scheduled task Schedule

Active Directory imports NightlyIndex replication NightlyIndexing of content.For performance reasons, Europe might index content local to them during European night-time. At that same time, the US might index content stored on European servers. The indexing process would be the reverse during US night-time.

Various content-dependent schedules during non-business hours.

File System and Database Backups NightlyData replication, if needed for disaster recovery purposes

Real time

Time ZonesFor scheduling purposes, the following time zones shall be observed:

Location North America Europe Asia-PacificTime Zone Denver, USA GMT -

7Europe GMT + 1 China, Singapore

GMT +8Denver, USA GMT -7 8 am – 5 pm 4 pm – 1 am 11 pm – 8 amEurope GMT +1 12 am – 9 am 8 am – 5 pm 3 pm – 12 amChina GMT +8 5 pm – 2 am 1 am – 10 am 8 am – 5 pmSingapore GMT +8 5 pm – 2 am 1 am – 10 am 8 am – 5 pmAsia-Pacific will be supported by Singapore and China. Hours of support are below.India GMT +7

7 am – 4 pm

Japan GMT +9

9 am – 6 pm

Korea GMT +9

9 am – 6 pm

Dandenong, Victoria GMT +10

10 am – 7 pm

Page 33


Service OfferingThe following services are offered for SharePoint: Full Disaster Recovery. Uptime target of 99.9% or better during business operating hours. Restore Point Objective of 4 hours or less for non-severe outages and 7 days for

severe outages. Recovery point objective of 24 hours or less. First line of site support on an ongoing basis by Intranet and Team Site

Administrators with an escalation process to second level support. An initial deployment and upgrade to 100GB of data with the ability to grow as and

when the business dictates – the current infrastructure should support 1,000 concurrent users for a limited number of sites over the first year.

Built in auditing to capture content and user activity accessible to site owners, as well as more advanced reporting with [management tool] on demand from the Administrators.

Search facility on all indexed content. Single sign on. Default site allocation of 25GB per team site – all further space requirements (SAN

Storage) need to be purchased in bulk. Default My Site allocation of 100MB – increased space requirements can be

motivated. Team sites – ring fenced to a team or division. Intranet sites – sites linked to the Intranet and open to everyone in the company. Operational sites – custom developed line of business solutions.

Page 34

NA Support EU Support AP Support


SharePoint Quota PlanSite Quotas will be used to manage unique SharePoint sites. Initially all sites will be located in a single site collection, but overtime this model will not sustain continued usage and growth. When the current team site collection reaches a specific size new Site Quota Templates should be provisioned and used for any new team site requests.Note: This requires all new team site/project sites to be unique site collections in order to assign and enforce a quota on each individual team/project site (collection).Three different quota levels will be created. By default, each site will start at Quota 1. When users are notified that their site is approaching the quota limit, the Tactical Operations SharePoint Governance Team will work with them to review the current site and make adjustments to the existing content. If no adjustments can be made, the site will be elevated to the level 2 quota. If users are notified that they are reaching the level 2 quota, the Tactical Operations SharePoint Governance Team will again review the site content. If it is determined that the site will continue to require additional storage space then downtime will be scheduled and the site will be migrated to a dedicated database.The following flowchart describes the process defined above:

Quota Template Quota 1

Quota 2

Quota 3

Limit Site Storage To A Maximum Of: 25GB 50GB 100GB

Send Warning E-Mail When Site Collection Storage Reaches:

20GB 45GB 95GB

Limit Maximum Usage Per Day To: 300 Points

300 Points

300 Points

Send Warning E-Mail When Usage Per Day Reaches:

100 Points

100 Points

100 Points

SharePoint Administration ∆

TasksAuditing of indexing logs; search and index tuning.Monitoring: Usage analysis and tuning.Policy creation and enforcementDetermine content crawling of regional WSS sites (data sources and crawl schedules)Assist with determining what data stays local in WSS and what data gets stored on the SharePointIntegrate global and/or regional locations into SharePoint

Page 35


Enforcement of allowable / prohibited file type storagePerform routine releases and upgrades to the application.Create site templates for various business scenarios.Responsible for modifying permissions for SharePoint sites and WSS sites.

DocumentationDocument the configuration of the system in its environment such that it could be reconfigured to last known good operating standards, should it become necessary to do so.Document the Application Support Team and Escalation points of contact.Create online documentation for training and support needs or customize existing training material and documentation. This documentation may include a listing of FAQs, How To’s, Wikis, Blogs, Videos and a Glossary of terms.

PoliciesThese policies are subject to the Application Usage Policies. For example, SharePoint Administrators will adhere to site provisioning policy as defined under Application Usage Policies when provisioning sites.Coordinate with SharePoint Strategy Team for policy creation and enforcementThe SharePoint will index approximately 20% of data at each remote siteCannot install custom web parts on the server.Cannot install other apps including custom web applications. This specifically includes SQL Server applications.No customization of site templates, definitions, or navigation without consensus of SharePoint Administrators.Releases and UpgradesMaintenance releases will be offered to end-users once a quarter. Work projects will be scoped by 90-day blocks.Releases will be rolled out from Development to Test and then to Production environments according to procedures and schedules as yet undefined.Testing will occur at each stage (development/test/production) and sign-off will be given before advancing to the next stage.

Page 36


7 APPLICATION USAGE POLICIES

PoliciesSite Provisioning (intranet, extranet, regional vs. corporate, etc.)Sites should target a specific audience.Employees will be able to create their own My Site and manage sub-site creation in their My Site up to the 100MB storage quota.SharePoint Sites should only be used in instances where:

Content that applies to multiple parts of the organization is being aggregated and made available.

There are resources responsible for maintaining the content on the site. The site can be recognized as a top level topic within the organization and is

enduring. (e.g., Human Resources, IT)WSS Sites should be used as follows:

For all document workspaces and meeting workspaces. By teams as a method for organizing information that is specific to the team or

project they are currently working on. SharePoint Administrators may decide to provision top level sites and grant Business Owners provisioning permissions (create, administer, delete) over their own sites. SharePoint Administrators may need to coordinate and create Project sites since all users may not have access initially; however, smaller team sites can be created by Site Administrators.Sites will be created with templates appropriate for their business purpose.Sites are based on templates that are centrally designed. The assigned business site administrator is responsible for assigning further access to new sites.Sites will adhere to the following standards:

Site owner must be displayed in the top-right corner of each site. Company X template to be used for all top level sites Sub-sites list for immediate (single level) child sub-sites to be displayed under site

owner.Sites requests will list the following as required information:

Purpose What is the intention of the site to be created? Will it be a Departmental, Project, or Community (CoP) site?

Value How will this site benefit employees or the business?

Audience Who will need access to the site and use the site?

Site Owner Who is the person ultimately responsible for the site? This is the Primary Contact.

Site Administrator Who will administer and maintain the site? This is the Secondary “Site Owner”

Contact. Features

What are the features needed on the site? Document Storage, Newsletter, Calendar, Team Collaboration, etc.

Site URLs will be created according to the following standards: Intranet SharePoint’s – http://<IntranetName>.CompanyX.com Divisional SharePoint’s – http://<DivisionName>.<IntranetName>.CompanyX.com Departmental Sites –

Page 37


http://<DepartmentName>.<IntranetName>.CompanyX.com Team Sites – http://teams.<IntranetName>.CompanyX.com/team# Project Sites – http://projects.<IntranetName>.CompanyX.com/project# Plant Sites – http://plants.<IntranetName>.CompanyX.com/plant

Site ManagementSite auto expiration: To ensure stale sites are removed and data storage is reclaimed, sites untouched for 90 days will be slated for automatic deletion. Site owners will be notified if their site is slated for deletion and provided with a mechanism to remove it from the automatic deletion list. Site Owners may have the option of having their site archived prior to deletion.User AccessAll SharePoint Administrators must review the training materials and complete a skills assessment prior to becoming an Administrator.DevelopmentThere are business-assigned developers. For any development work, contact your business developer.Custom development needs to be first scoped by the developer and then approved by SharePoint Administrators. This includes any development under Windows Workflow Foundation (WinFX).No web development tools other than those provided by SharePoint for development of the SharePoint user interface (no SharePoint Designer, a.k.a. FrontPage, no Visual Studio, no Cold Fusion, etc.). These tools are permissible only for the development of custom web applications outside of SharePoint. These applications are considered external to SharePoint.Company X Employees must develop web sites in compliance with Intranet design standards and laws concerning copyrights, proprietary names and trademarks.Storage QuotasBy default SharePoint imposes a 50MB limit on the size of a single document that can be uploaded into a document library.

100 MB of storage is allotted for each user’s My Site. 100 GB of storage is allotted for all Top-level Team Sites. Team Site administrators receive alerts when storage is at 90% of quota. SharePoint administrators can override storage quota for Site Collections if

necessary.Document Management Documents used only by a particular location, or with minimal sharing, should be stored at that site, typically on that site’s WSS server.Documents shared across multiple divisions should be stored on the SharePoint

Prohibited file types: ade,adp,asa,ashx,asmx,asp,bas,bat,cdx,cer,chm,class,cmd,cnt,com,config,cpl,crt,csh,der,dll,exe,fxp,gadget,grp,hlp,hpj,hta,htr,htw,ida,idc,idq,ins,isp,its,jse,json,ksh,lnk,mad,maf,mag,mam,maq,mar,mas,mat,mau,mav,maw,mcf,mda,mdb,mde,mdt,mdw,mdz,msc,msh,msh1,msh1xml,msh2,msh2xml,mshxml,msi,ms-one-stub,msp,mst,ops,pcd,pif,pl,prf,prg,printer,ps1,ps1xml,ps2,ps2xml,psc1,psc2,pst,reg,rem,scf,scr,sct,shb,shs,shtm,shtml,soap,stm,svc,url,vb,vbe,vbs,vsix,ws,wsc,wsf,wsh,xamlxPosting software to the <Company Name> Intranet is prohibited. Content ManagementAll SharePoint content that reaches the SharePoint site is created by a user and then deployed to the SharePoint via a request to the appropriate content approver or site administrator to add or update the content on the SharePoint. The administrator may be

Page 38


required to convert some of this content into a format more suitable for the SharePoint prior to updating the SharePoint site. Content will be maintained by the appropriate business content owner, typically the author of the content.Content posted to the Intranet as:

INTERNAL is not to be transmitted outside <Company Name>. Content that is not identified is considered to be INTERNAL.

CONFIDENTIAL is not to be transmitted or shared with anyone who does not have authorization to see it.

PUBLIC USE has been deemed to not contain proprietary or confidential information and may be shared with anyone.

PRIVILEGED is regarded as attorney-client communication and shall be dated and not transmitted or shared with anyone who does not have authorization to see it.

COPYRIGHTED shall be assumed to be protected by copyright and shall be dated and marked. It shall show the copyright owner’s name and shall not be reproduced in electronic or hard-copy form without authorization.

Users follow a built-in approval process for getting content published to their sites. If the setting is “automatically approved” the content is immediately available. Where approval is required, the content must be approved by the appropriate content approver or site administrator. In this case, the content approver is responsible for reviewing and approving content posted to the Intranet.Conduct<Company Name> Employees or agents of <Company Name> using the <Company Name> SharePoint environments are representing the Company. They are expected to conduct all business in a professional business manner.

ProceduresHow to Volunteer for Governance (Strategy or Support) Teams

Look for a link on the SharePoint that leads to the SharePoint Governance site Fill out the requested information on this site Alternatively, contact any of the SharePoint Administrators directly

How to Obtain Support Contact the site owner listed on the site Contact your local System Administrator unless a SharePoint Support

Representative has been designated for your location. In that case, contact your local SharePoint Support Representative

Contact a member of your business unit’s volunteer Support Team. Members are listed on the SharePoint Governance site

Contact the SharePoint Administrator for your region (North America, Europe, and Asia-Pacific). SharePoint Administrators are listed on the SharePoint Governance site

Contact the Help Desk.Discover Who is Serving on the Governance TeamsLook for a link on the SharePoint that leads to the SharePoint Governance siteRequesting a New Site (Site provisioning)

1. Business owner fills out requirements on site request form Assign Site Owner and Site Administrator (self or direct report). May be same

person. Define the Target Audience (e.g., engineering for AOE worldwide) Define who (public or only members) has visibility to this content.

(Contributors will appreciate knowing who can see the posted content and determine what is appropriate).

Page 39


Define the intended purpose of the site. Define value to Employees or business. Define features needed.

2. Submit form for approval Team Site / Project Site requests are submitted to the Department Owner Department Site requests are submitted to the Division Owner SharePoint Site / Community Site requests are submitted to the SharePoint

Administrator3. Site provision request received by appropriate SharePoint, division, or

department administrator4. Request approved or denied with “more info needed”5. Upon approval, appropriate administrator creates site w/requested template

(according to site type, business purpose, and features).6. Email is generated and sent to Business Owner that site is available.

Requesting Access To a Site Find the site owner listed on the site you want access to. Contact that person to request access. Alternatively, if the site has Access Requests enabled, simply submit the access

request when presented with that option.How To Become a SharePoint Site Owner/AdministratorAll SharePoint Site Owner/Administrators must review the training materials and complete a skills assessment prior to becoming an Administrator.

Steps to becoming a SharePoint Administrator of your own site: 1. Download the SharePoint Training Guide here. 2. Request a SharePoint Administrator Training Site where you are the

Administrator. 3. Read the entire Training Guide.4. Use your training site to complete the Skills Training section at the end of Part 4

of the Training Guide. 5. Notify your SharePoint Administrator when you have completed the skills

assessment.

Page 40


8 COMMUNICATION AND TRAINING

8.1 Communication Plan

Communication to the BusinessCommunication to the business regarding this Governance Plan will be in the form of web content on a site off the home page of the corporate SharePoint site. There will be sections on the page for the following:

End UserHierarchy of Governance (Summary)Team roles and responsibilities

Strategy TeamTactical Operations TeamTactical Support TeamTactical Development Team

Individual roles and responsibilitiesIT rolesSharePoint rolesBusiness roles

Current membership of above teamsHow to get involved and become a member of above teamsHardware equipment hosting the SharePoint environments (IT access only)How to obtain support, by location

Information TechnologyOperations Policy (System Administration)

TasksDocumentationPoliciesScheduled Tasks

Operations Policy (SharePoint Administration)TasksDocumentationPolicies

Application Usage PolicyPoliciesProcedures

Communication to the Governance TeamsCommunication to the governance teams regarding this Governance Plan or any governance activities or issues will be in the following forms:

Web content listed above Scheduled meetings or conference calls Ad hoc communications via email.

8.2 Training PlanFor any new system, a solid training plan is required if the users are going to adopt the new system and use it effectively in their daily activities.

Page 41


Training RecommendationsIt’s important to understand that learning SharePoint (in particular how it can be used for business benefit, and how the features in SharePoint should/should not be used) is an extremely iterative process. As a result of this it’s important for training to follow a “Just in Time” and a “Just enough” approach whenever possible.

Training Requirements are listed below.

Training All users of the system will require some form of training.Business Owners need education of the product including capabilities.Site Owners need advanced training, including office integration and Security Policies.End Users need usage overview training.Help Desk personnel require intense training and troubleshooting analysis. Tier two or tier three support should be considered for official, externally-provided training.SharePoint Training tools may include:

“How to” documentation. Lunch ‘n Learn presentations using real scenarios. Instructor-led training hosted by the SharePoint Administrator or other

competent individual(s). On-Demand Video Presentations. Blogs from the experts. Online labs hosted on a sandbox environment.

Training will initially consist of online reference materials for both typical end users (addressing “How To” information).Refer to the official SharePoint Training Plan for a comprehensive overview of this training.

8.3 Support PlanSupport for the SharePoint environments is similar to the management of the SharePoint environments. Support will be provided via a regional, multi-tiered approach. The support system consists of a network of support professionals: business owners and SharePoint Products and Technologies experts for first level support, Site Owners/Administrators or the <Company Name> Corporate Help Desk for tier two support, and SharePoint administrators for tier three support.The types of support required for SharePoint Products and Technologies are Operational support (both back-end system administrator and front-end SharePoint administrator support) and Application Support for end users.Who to ContactOperational SupportSharePoint Administrators will support the day to day operational issues for SharePoint site deployments. Infrastructure issues requiring technical escalation will be escalated to the regional IT contact and subsequently to the corporate IT contact. Final escalation would be to the appropriate hardware or software vendor.End User SupportSharePoint Site Owner/Administrators will be the primary end user support contact for their location until additional Employees are proficient enough to answer simple end user questions. At that time, Site Owners/Administrators should designate one or more of these

Page 42


individuals as resident SharePoint Products and Technologies experts to assist with localized end user support.At such time as is appropriate, it is intended that the <Company Name> Corporate Help Desk assume a role in the support of end users. End users would first contact their resident SharePoint Products and Technologies expert. Second tier escalation will be to either the Site Owner/Administrator or the <Company Name> Corporate Help Desk. Issues requiring further escalation will be escalated to the Regional SharePoint Farm Administrator. Final escalation would be to the appropriate software vendor.Support AvailabilitySupport Group Special Functions Availability User Self Help Online information on the Corporate Intranet

Default SharePoint Products and Technologies help documentation

Select Site Provisioning, including My Site

7 days x 24 hours

Tier 1 Business owners Power Users Corporate Help

Desk

Basic product support; general how to and troubleshooting questions from users

Escalations to tier 27 days x 24 hours

Tier 2 Site

Owner/Administrators

Corporate Help Desk

SharePoint Products & Technologies Experts

Provide routine tasks to users such as fulfilling requests for site provisioning of team sites

Site access issues Change site ownership Increase storage quota Escalations to tier 3

Normal localized business office hours

Corporate Help Desk is available M-F from 6:00 AM – 5:00 PM MST (GMT -7)

Tier 3 SharePoint

Administrators Regional System

Administrators

Create or delete SharePoint sites Redirect or rename site Site restore requests Resolve escalated issues

M-F from 8:00 AM – 5:00 PM within each of the three regions

Other Possible Support Scenarios

Page 43


Page 44

Tactical Support Team

Service Desk

Site Administrators

End Users

Learning Libraries/Online/Help

Tier 5

Tier 4

Tier 3

Tier 2

Tier 1 End Users

Site Owner

Site Collection Administrator

Help Desk

Security Environment

Third Party Support

SharePoint Administrator

SharePoint Developer

Consultative Support

SharePoint Architect


Support Availability ScheduleNotice that many locations will receive support outside the hours of 8 am – 5 pm due to their relation to their SharePoint Administrator’s time zone. No direct support coverage will be available for users between the hours of 2 am – 8 am MST.

Location North America Europe Asia-PacificTime Zone Denver, USA GMT -7 Europe GMT + 1 China, Singapore

GMT +8Denver, USA GMT -7 8 am – 5 pm 4 pm – 1 am 11 pm – 8 amEurope GMT +1 12 am – 9 am 8 am – 5 pm 3 pm – 12 amChina GMT +8 5 pm – 2 am 1 am – 10 am 8 am – 5 pmSingapore GMT +8 5 pm – 2 am 1 am – 10 am 8 am – 5 pmAsia-Pacific will be supported by Singapore and China. Hours of support are below.India GMT +7

7 am – 4 pm

Japan GMT +9

9 am – 6 pm

Korea GMT +9

9 am – 6 pm

Dandenong, Victoria GMT +10

10 am – 7 pm

EU could support Eastern US’s evening hours in their morning and Western AP’s morning hours in their evening, but for simplicity’s sake, we will keep support within geographical regions. If it becomes necessary in the future to offer more comprehensive support hours, we will consider revising this policy at that time.

Tier 1. Local SharePoint Products and Technologies experts, business owners, and the Corporate Help Desk are the first line of contact for all users with questions and problems concerning the SharePoint environments. Support staff helps users validate issues, understand features and functionality, resolve known issues and escalate issues that require additional expertise or back-end administrative access to the SharePoint Products and Technologies application or hardware. Help Desk technicians have SharePoint Products and Technologies experience and receive advance training prior to end users. Tier 2. Site Owners/Administrators and Corporate Help Desk Technical Support staff comprise tier 2 support and have two roles in assisting users with SharePoint Products and Technologies issues. First, tier 2 staff validates issues and reviews steps taken by tier 1 support to make sure no troubleshooting steps were missed. Second, tier 2 staff has administrative access to SharePoint Products and Technologies and resolves common issues that require administrative access such as quota increases or change of team site owner. Tier 3. SharePoint Administrators and regional System Administrators with extensive SharePoint Products and Technologies experience, including those involved in the design and architecture of the system, provide tier 3 support. Tier 3 support is expected to comprise approximately 1 to 2 percent of support calls.

Page 45


9 REFERENCESSharePoint Training PlanAnd/Or SharePoint Training GuideIT Security Policy

Page 46