Governance Segments

The next major concept to understand relates to segments. Governance segments can be thought of as the three dimensions of system management. Each segment covers a set of activities that must be performed to effectively govern the site. These segments provide a useful means of categorizing these activities and understanding how they are related to one another.

As shown in Figure 2-2, the three segments are Information Management, IT Management, and Application Management. Each service deployed in a SharePoint solution needs to be evaluated from the point of view of each of these segments.

Figure 2-2. SharePoint governance segments

IT Governance

Governing a SharePoint solution from an Information Technology perspective is probably the most obvious segment. SharePoint is a family of extensive, complex software products, after all. The first interactions most organizations have with SharePoint are within the realm of the IT department.

IT governance refers to all the activities associated with installing, configuring, and managing the SharePoint servers and product features. In other words, this is how you keep the lights on. A major failing of many governance efforts is that IT governance is only considered a concern of the IT department. This is a very dangerous assumption, since the IT department is composed of a set of people with very specialized skill sets that probably don't represent the needs of the end users very well. This is why IT governance must be managed by the entire governance team, not just the IT department.

Another way of thinking about IT management is in terms of a service catalog. As discussed earlier, a service is a set of features that provide certain functionalities to the users. IT management is concerned with implementing and tracking those services once they are deployed. Together, these services form a service catalog that must be managed.

IT management is also concerned with

• Enforcing policies for access and usage
• Managing the lifecycle of content in the system
• Classifying and delivering content assets
• Backup and disaster recovery
• Implementing and maintaining security controls
• Preventing rogue installations of SharePoint
• Updating SharePoint with patches and service packs
• Controlling custom component deployment
• Mapping proposed services to the features of the SharePoint platform
• Monitoring usage and providing data to the governance team

A good way of establishing and measuring IT management is through the use of a service level agreement (SLA). An SLA is an agreement between the provider of a service and the consumer of that service. In this case, the SLA is between the governance team (not the IT department) and the end users of the portal. This agreement should cover issues such as performance and reliability targets, customization policies, storage quotas, problem reporting and resolution, and chargebacks to user organizations, if applicable.

Tracking system performance against an SLA and the other policies established by the governance team will allow the organization to focus its resources where they can do the most good. IT Governance will be the subject of Part II later in this book.

Information Management

The Information Management segment, also known as Information Architecture, is concerned with defining how the data stored in the portal will be turned into usable information. Data must be structured and relationships documented before valuable insights can be derived. These structures and relationships must be mapped into features within SharePoint to be leveraged by users in an effective, easy-to-use way. Good information management is the difference between a valuable business resource and a pile of useless data.

When defining the structure of information in SharePoint, it is important to understand the distinction between content and metadata.

Content is a fairly simple concept for most people to grasp because they can directly see it. Content items are the web pages, documents, announcements, and other pieces of information that are uploaded to or created on the portal site.

Metadata is a more difficult, and correspondingly more important, concept to master. Metadata is usually defined as data about data. When a user contributes a piece of content, SharePoint automatically captures certain information about that content. This includes information like who created the content and when, what name it was given, where in the site hierarchy it was placed, and so on. This data is vital for SharePoint to store and deliver the content. Information architecture extends this information to include additional fields that give more context about the item. This might include information such as the department the item is associated with, compliance requirements for the item, or the roles of users to whom the information is likely to be of interest.

A good example of familiar metadata is found in Microsoft Word or any of the Microsoft Office products. Word provides a large number of predefined metadata fields that can be set on the backstage page as shown in Figure 2-3. SharePoint has the ability to use these metadata fields, as well as others, to automatically categorize and deliver information to users based on their interests and context within the site. The key is to define these fields and ensure that they are populated consistently. This establishes the organizational context or taxonomy of information in the site.

Figure 2-3. Microsoft Word metadata

Information management is also concerned with structuring the user interface for the sites and designing the site hierarchy. This generally involves creating a series of high-level wireframes that define the regions of each type of page and the site navigation that will be used to traverse the various sites.

Some of the more mechanical aspects of the site also fall under the heading of information management. These include versioning of content, determining appropriate levels of access and control for various types of information, and handling other user interface issues related to the presentation of data such as branding and sites that use multiple languages. These are often some of the most complex issues to be managed because of the large amount of redundant information that can be created.

Part III of this book will cover information management in much greater detail. We will also examine managing complex information sets in SharePoint including search catalogs, social media features, and document and records management.

Application Management

The third and final segment of effective governance is application management. An application in this case refers to any programmable components added to the SharePoint platform. These components may come from Microsoft, other vendors, or software developers within your own organization.

Governing the deployment, use, and maintenance of these components is important because these types of components are the most likely to contain bugs or incompatibilities that can undermine the stability of the system. This doesn't mean that deploying such components is a bad thing or even particularly risky. It just means that extra care should be taken to ensure that changes are tested and deployed in a managed environment.

SharePoint is designed as an extensible platform for deploying highly-scalable intranet and Internet portals. When developing new functionality to be deployed in a SharePoint environment, it is necessary to understand where the application components fit within the SharePoint stack. Figure 2-4 shows the design layers within a SharePoint solution. Each layer is built using the features exposed by the levels beneath it.

Without getting into too much technical detail at this point, the bottom layers are composed of the same components used by any web-based application on the Windows platform: the .NET Framework and ASP.NET. MS SharePoint 2010 Foundation is an ASP.NET application that is installed on top of this set of components. The MS SharePoint 2010 Server products contain additional features that are built on the SharePoint Foundation. Additional application components are then deployed at the top layer of the stack.

Figure 2-4. Application layers in SharePoint

It is not necessary to understand the deep technical issues associated with each layer in order to effectively participate in governing a SharePoint site. However, it may be helpful to understand where a proposed application or enhancement fits into this stack. The issues that the governance team must address involve the policies that will be used to determine which components are appropriate for inclusion as services in a particular portal. This includes limiting the tools that are allowed and the testing that is required.

There are several tools that are commonly used to develop SharePoint solutions. These include

• SharePoint Designer 2010: This application is used to create content and data structures within SharePoint. It can also be used to customize business process workflows and the user interface.
• InfoPath Designer 2010: This tool is used to create intelligent forms that can be used on the site to collect and present business information.
• Visual Studio 2010: This is Microsoft's primary software development tool. With Visual Studio, professional developers can create enhancements to SharePoint that can be as sophisticated as needed to provide whatever functionality is required.
• Microsoft Office 2010: In addition to creating documents and content for SharePoint, some office applications, such as Excel, Access, and Visio, have their own macro languages. SharePoint also contains server-based services designed to host applications written using these programs.

Part IV of this book is devoted to Application Management. This section will cover many of the technical considerations that go into protecting a SharePoint environment from unwanted instability from poorly-developed applications. Standardizing procedures for developing, testing, and maintaining custom applications, as well as packaged solutions, is an important part of a complete governance strategy.