RealActivity is a specialized healthcare services and solution advisory firm.

Beware: SharePoint Governance and Compliance Awareness Similar to Y2k Scare

A recent report produced by AIIM suggest many companies using SharePoint do not have strategic plans and governance in place. I was horrified when I read this. Can you imagine a software system with out strategic plans and governance? How could this go on? <insert smirk and sarcastic smile here>

Many companies haven’t had governance and compliance features in place for there information systems for years. This has been true since I started working with software in the early 90’s. I would ask who cares! Sarbanes Oxley came and went. Sarbanes is still relevant as are other industry compliance standards however the weakest SharePoint deployment will get you past most audits. And if not, who cares? You’re allowed a strike. Simply spending the money on SharePoint Server shows you are trying to comply with most regulations.

Why should companies spend money on governance and acceptable use policies mentioned in the report? Remember in the 90’s when company internet sites were introduced and everyone was worried about acceptable use policy? Can you image in todays economic times spending money on consultants to draft this disclosure for you? In hindsight it turns out a couple paragraphs or pages and a link solves the issue. The same is true with SharePoint, schedule an afternoon with your legal department and the job is done.

Did I miss new legislation that could cost companies millions or billions of dollars if not compliant with <fill in the blank>? If not than why should they or we care? Legislation of content types? Really? In my opinion this is akin to riding my bike on the beach without a helmet. OMG we might have duplicated content types! What if our metadata is off? Our tags may not provide as much value! What will we do? Productivity would be off and ROI goes down the tube! Scary, scary. Give me a break please, this recent governance and compliance concern reminds me of the Y2k scare which bilked companies of billions of dollars in consulting fees.Gasp!

Last week an organization approached me because they just took a 40 million dollar hit due to cut backs in funding. A group within the organization wants to use technology to facilitate a new purchase process that will recoup 10-15 million a year. Every day that goes by this money slips away. Indulge me, how much time do you think we will spend chatting about adoption, governance and acceptable use before we move forward? User adoption is simple with this project. Make his work or we may have to lay people off because we just lost 40 million dollars.

In my opinion sophisticated governance plans, strategy documents and complex user adoption plans are like house cleaners in that they are nice to have if you can afford them. Many will tell you that SharePoint strategy and governance plans will pay for themselves with lower maintenance and higher productivity. Most CIO’s and managers I speak with are tired of hearing about soft dollar calculations and want hard dollar cost savings immediately, after all these are complex and challenging fiscal situations they are managing.

PS: If you end up with duplicate content types and unorganized metadata due to lack of governance please consider hiring your local college student for an internship. The intern will clean up the mess with little cost and will appreciate the job experience.

Categorised in: Microsoft Cloud, Miscellaneous

8 Responses »

  1. Hi Paul. I agree with you in principle. I've said it many times that SharePoint does not necessarily introduce new governance problems to a company that has a mature intranet, for example. The same policies that governed the intranet before SharePoint was implemented should still apply for the most part. I will say, however, that there are other forms of regulatory compliance besides SOX that are industry specific. An energy company, for example, can face really steep fines if not NERC-compliant. And while some people may have cashed in on Y2K, it was definitely a real problem. I can tell you that I changed plenty of programs that were problematic — not apocalyptic, but definitely problematic. I suppose it is the same way with SharePoint governance — some folks who think they are well off may have real issues, while others who are worried sick are really in decent shape. You are right, though, that it seems to be used as a scare tactic too often to sell reports or consulting services.

  2. Paul:
    Just because there's been a lack of governance and strategy in the past doesn't mean that we should carry on with business as usual. Technologies like SharePoint are different than many others. With accounting packages or CRM solutions, for example, use can easily be dictated. ("You won't get paid unless…") When we're building solutions focused on the knowledge layer, it's much more subtle.
    If we don't have a true strategy and strong governance – with the attendant "soft" initiatives, like new incentives and reward structures – we risk the continued "deployment is not adoption" problem. Platforms like SharePoint should fundamentally change the way people work in the best cases; in the worst, they are simply a newfangled virtual doorstop.

  3. Mark, if what you submit is correct how do you explain the enormous growth of SharePoint 2007 and 2010? This growth and adoption occurred before the attempt to formalize governance and adoption. I am in support of governance as long as it is inexpensive, in house and doesn’t impede progress.

  4. If all you're saying is that too much bureaucracy is bad, that's one thing. But if what you're saying is that SharePoint sites in an organization don't need to share certain features so that people can communicate and collaborate across boundaries more easily, that's another. Licenses, training, and support are expensive. Of course there needs to be a balance between structure and creativity. That's not unique to SharePoint adoption.
    Dennis McDonald
    Alexandria VA

  5. IMHO the growth comes from the usefulness of SharePoint in moving power to the users (enablement!) plus Microsoft's "the first one's free, kid" attitude – get them hooked by making the basic software free with Windows Server (which they already own), then once they start craving more features, you put the hammer down on them 🙂
    I agree that most companies should be able to do governance in-house, though an outside perspective can also be helpful.
    Governance should ideally be less expensive than lack of governance. Yes, it can be difficult to measure precisely the costs of the lack of compliance, but (as I said on Twitter and my blog post ) once you have to tell your business users that you can’t work on their project because you are busy cleaning the Augean Stables, they can see the value of having things working properly. Good governance properly applied is the Alpheus and Peneus rivers.
    Governance is not a one-size-fits-all, it must be sized according to the pain your organization feels in its current environment, and the organization's ability to handle change and regulation.
    Nor is is necessary to re-invent the wheel – use existing governance/Employee Handbook/IT policies as-is when possible, only worry about the wrinkles that SharePoint adds by being SharePoint.

  6. Paul:
    I think it's important to separate *sales* growth with actual use. Microsoft has sold a bazillion seats, no argument there.
    At a large percentage of the clients I visit, SharePoint is there, but either way underutilized or virtually not used at all by real people. Just because it's been implemented doesn't mean it's become a part of the fabric of the organization's work. I often see the IT department using SharePoint to store documents about SharePoint, but no "real" users utilizing it on a regular basis.
    The softer side of things that most techies would rather ignore – process improvements, new incentive structures, training – are key components of a good governance model. It doesn't have to be a 300 page document; it needs to embody a new way of thinking about work and how to make a platform like SharePoint a part of that work.

  7. Paul,
    Legislation hardly seems to be the most important issue at hand in regards to content governance. Litigation is an issue that many companies are facing. As I'm sure you know Litigation costs are very tangible and the "findability" of content can have a big impact on what you are able to quickly collect, cull, and provide during a litigation event.
    Maybe the specific concern of this post is regarding SOX type prep work. But I believe the AIIM report you mention would content that governance has to do with litigation preparedness as well.

  8. Paul,
    As I responded on my blog last night (, custom software became very widespread long before widespread attempts to control process, quality and security as well – does that mean no one should have invested in improving those processes?
    I think "inexpensive, in-house and doesn't impede progress" is the wrong way to express this. I think it is better to say that the governance model and processes need to fit the situation.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: