Professional Documents
Culture Documents
Governance Plan
Author:
Joel Oleson
http://www.sharepointjoel.com
Quest Software
Nicola Young
SharePoint911
Date published:
September 2009
Summary:
The following sample governance plan is designed to help illustrate how to utilize the functionality
of Office SharePoint® Server 2007 for a public Internet site. The fictitious company plans to utilize
the functionality to ensure that site content is consistent, updated in a timely manner, branded in
line with corporate standards, and tightly controlled.
The information contained in this document represents the current view of Microsoft Corporation
on the issues discussed as of the date of publication. Because Microsoft must respond to
changing market conditions, it should not be interpreted to be a commitment on the part of
Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the
date of publication.
This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES,
EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the
rights under copyright, no part of this document may be reproduced, stored in or introduced into
a retrieval system, or transmitted in any form or by any means (electronic, mechanical,
photocopying, recording, or otherwise), or for any purpose, without the express written
permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
Unless otherwise noted, the companies, organizations, products, domain names, e-mail
addresses, logos, people, places, and events depicted in examples herein are fictitious. No
association with any real company, organization, product, domain name, e-mail address, logo,
person, place, or event is intended or should be inferred.
Microsoft, SQL Server, Office SharePoint Server, Windows SharePoint Services, Forefront, and
Active Directory, are trademarks of the Microsoft group of companies.
EXECUTIVE OVERVIEW...................................................................................................................................1
Technical Requirements....................................................................................................................................................2
Infrastructure......................................................................................................................................................................4
Client Configurations........................................................................................................................................................4
Server Diagrams..............................................................................................................................................................4
DNS Settings....................................................................................................................................................................7
Usage Reports.................................................................................................................................................................9
Server Monitoring.............................................................................................................................................................9
Anti-Virus........................................................................................................................................................................10
Site Policies....................................................................................................................................................................11
Customizations...............................................................................................................................................................11
Information Architecture..................................................................................................................................................12
Site Creation..................................................................................................................................................................12
Site Design.....................................................................................................................................................................12
Site Management...........................................................................................................................................................13
Permission Management.................................................................................................................................................13
Navigation.........................................................................................................................................................................14
Branding............................................................................................................................................................................14
Search................................................................................................................................................................................15
IFilters............................................................................................................................................................................15
Search Center................................................................................................................................................................16
Search Analysis..............................................................................................................................................................16
Best Bets........................................................................................................................................................................16
Keywords.......................................................................................................................................................................16
Federated Search...........................................................................................................................................................17
Development..................................................................................................................................................................17
Staging/Authoring...........................................................................................................................................................18
Support..............................................................................................................................................................................18
Support Availability.........................................................................................................................................................19
Scheduled Downtimes....................................................................................................................................................20
Training.............................................................................................................................................................................21
Levels of Training...........................................................................................................................................................21
Additional more advanced training will be given to users in the roles of Infrastructure Administrator, Designer,
Developer, and Help Desk. This training will be conducted and provided by a 3rd party vendor....................................21
Appendix C: References..................................................................................................................................................24
Executive Overview
Fabrikam has decided to utilize the functionality of Office SharePoint® Server
2007 for its public Internet site, Fabrikam.com. The company plans to utilize
the functionality to ensure that site content is consistent, updated in a timely
manner, branded in line with corporate standards, and tightly controlled.
This governance plan ensures that the system is managed and used in
accordance with its designed intent to prevent scope creep and chaos.
Managing this enterprise-wide system involves both a strategic, business-
minded board to craft rules and procedures for the use of the system and
also a tactical, technically-competent team to manage the routine
operational tasks that keep the system running. Users of the system will be
empowered by a support and developer community sponsored by the
business leaders.
• Support calls to the 24/7 support desk should receive attention within a
maximum of 15 minute hold time without prior notification of high call
volume, and resolution should be a maximum of 3 days for 90% of
calls. Resolution is considered resolution by the client with the
exception of no response. This service is considered business critical.
More detail provided by the support desk service offering.
• The hardware needs to scale and support company growth. The initial
deployment should support at least 300GB of data with the ability to
grow to 1TB over the first year. SAN storage for Microsoft® SQL
Server® needs to support 5TB at maximum capacity.
Business Requirements
• Editing/Design/SharePoint® Designer Usage Policies – Master pages,
theme, and page layouts will be authored by a single design team. This
is to ensure a consistent presentation of all content across the site.
SharePoint Designer will not be approved for use on the production
Fabrikam.com site.
Infrastructure
Client Configurations
In order to best support the SharePoint environment, support will need to be
limited to specific client configurations. While every effort will be made to
support multiple environments, Fabrikam.com will need to put limitations
around the standard environments that are used to access SharePoint. The
following list identifies the different supported environments and
configurations:
Office 2003
Internet Explorer 8
Server Diagrams
Refer to Appendix A
Installation & Configuration
The following information will be used for the installation and configuration of
the SharePoint environment.
Fabrikam.com\spperonalapp
Admin Accounts
In order to properly support the SharePoint environment, several different
users in the organization will need to have full access to all SharePoint
content. Users who require this type of access will have a user ID created
specifically for SharePoint access. This approach will allow them to contribute
and access SharePoint content based on their current username and role
within the organization. The separate user accounts created will require them
to log in with the elevated account whenever they need to perform admin
functions. The following table outlines the elevated user accounts that will
need to be created:
These accounts should be limited to only those users who require full access
to the system. Any new accounts added at this level should be approved by
the SharePoint Owner prior to creation. The access of these accounts will be
managed through a Web application policy based on an Active Directory®
domain services (AD DS) Group. The following table defines the different AD
DS Groups and Web applications:
AD DS Group Users
SP_Readers SP-Crawler
SP-Legal
DNS Settings
Fabrikam.com SharePoint environment will be published with Internet
Security and Acceleration Server (ISA) and Load balancing and Security using
the same https address for both internal and external access.
The reports will be available to anyone who has Full Control to the site. This
access will be granted only to users who have completed training for Level 2
access. Users who have not completed level 2 training and want to see the
access reports must submit a request to the help desk. A file with the usage
reports will be generated for them on a request basis for up to 3 maximum at
which time training would be required to provide access to reports.
Server Monitoring
The following tools are being configured within the environment to support
server monitoring:
The Microsoft Best The Microsoft Best Practices Analyzer for Microsoft
Practices Analyzer for Windows SharePoint Services 3.0 and the 2007
Microsoft Windows Microsoft Office System creates detailed reports to
SharePoint Services 3.0 help administrators achieve greater performance,
and the 2007 Microsoft scalability, and uptime.
Office System
Quest Recovery Manager Quick and easy file, list, site, and site collection
for SharePoint Server recovery without requirements for recovery farm
integrating with Data Protection Manager (DPM).
Data Protection Manager Backup and Snapshot Solution for offsite backups
2007 for SharePoint
Server
To speed recovery, the site collection can be separated into its own content
database.
Backups of the database will be stored on the server for a 6 month period.
After the 6 month period has expired, the backup will no longer be available.
Anti-Virus
The following anti-virus tool is being configured within the environment:
Forefront™ Security for Microsoft Forefront Security for SharePoint integrates multiple
SharePoint scan engines from industry-leading vendors and content
controls to help businesses protect their Microsoft SharePoint
collaboration environments by eliminating documents
containing malicious code, confidential information, and
inappropriate content.
Fabrikam.com should have separate anti-virus policies for its servers and
clients. The servers should not use the default Desktop file-level anti-virus
client. If the servers use the default client, IT should consult KB 952167
(http://go.microsoft.com/fwlink/?LinkID=123963) to ensure accurate and
complete anti-virus scanning results.
Site Policies
Results from an ongoing site inventory will be used to create and refine
policies to improve site performance and security, for example:
Customizations
Fabrikam.com maintains a mantra of “Do no harm.” They take future
upgrades and supportability very seriously while at the same time, they want
to empower the business to truly create composite applications and perform
rapid deployment. They follow a strict application lifecycle management
policy based on the Microsoft Solutions Framework (MSF) and try to follow the
patterns and practices, best practices to team development. Fabrikam.com
recognizes the potential need to allow for site and server customizations.
The following guidelines are being put in place in order to control the various
custom elements that are being installed:
Information Architecture
The Information Architecture of the site determines how the content will be
organized within the environment. Planning for this design should be done
based on studies conducted by the marketing department. The main goal of
the design is to ensure that visitors can easily find all content while ensuring
that the permission structure is manageable.
Site Creation
The site hierarchy will be defined when the site is rolled out. Additional sites
will only be added when it is determined by Corporate Communications that
the current sites do not have an appropriate place for this additional
information.
Site Design
Master Page
See the Branding section later in this article.
• Each page must have versioning turned on. This will allow Corporate
Communications and the Legal Department to review changes over
time at any point.
• Each page must have a scheduled start date and scheduled end date
to ensure content is only being shown when it is relevant.
• Each page must go through the two step approval workflow defined by
the SharePoint Solution Architect for that site. The two step approval
will first route the content to the Site Owner for approval and then to
the SharePoint Owner (Corporate Communications) for final approval
and publishing.
Permission Management
Due to the purpose of our public internet site to clearly display information
about our company to the general public, strict guidelines surrounding
permissions will be in place to ensure only a small number of users within the
organization can make changes. The following default permission levels will
be used:
Custom Permissions are not currently authorized for the Fabrikam.com site.
The SharePoint Owner will determine and assign the permissions to the
SharePoint Site Administrators. The SharePoint Site Administrators will then
have the ability to request SharePoint Content Authors for their site. The
SharePoint Owner will review these requests and assign the Content Author
the contribute permission for that area of the site if they approve the request.
Navigation
Left hand navigation and Top level navigation will be restricted to one
level of fly-out navigation.
Branding
All sites will be required to use the Fabrikam.com Master Page and custom
theme.
Page Layouts
To ensure consistency in how content is display, there will be 4 page layouts
created: one page layout for the landing page, one page layout for each of
the top level sites, and two page layout options for subpages. Every page in
the Fabrikam.com site must use these page layouts. Any variations will need
to be approved by the Fabrikam.com site owner.
Search
Over time search will become one of the key benefits within the SharePoint
deployment. Getting started, search will be limited to a few content sources
that will continue to grow over time. The decision has been made not to crawl
the existing file servers due to legacy security issues. This approach will help
ensure the value of the content within the indexes. The following content
sources will be created:
Local Office SharePoint Server Sites (Default Search Daily, every 4 hours*
Scope)
*IT must monitor these crawls to prevent overlap that might cause
performance problems.
Major external content sources and intranet sources above 100 GB will be
added only with the approval of the SharePoint governance committee.
IFilters
IFilters provide a way to index non-standard document types. In addition to
the MS IFilter pack, the following IFilters will be installed and configured
within the environment:
MSG
Additional global search scopes can be requested; however they will only be
created when they will benefit all users of the Fabrikam.com site. For any
requested scopes that are not classified as requiring a global search scope a
local search scope can be created instead (see below).
Search Center
For phase 1 the Fabrikam.com Portal will be configured to use the out-of-the-
box search center. No customizations will be made during Phase 1. Any
future customizations will need to be approved by the SharePoint governance
committee.
Search Analysis
Search analysis processing will be configured for the farm. Once a month the
results will be reviewed by the SharePoint Architect and presented to the
SharePoint governance committee. Based on the analysis, additional search
elements (such as keywords and best bets) will be configured.
Best Bets
Best bets will be requested through the support desk and handled by tier 2
support.
Keywords
Keywords will be requested through the support desk and handled by tier 2
support.
Federated Search
Federated Search will not be configured during the initial phases of the
project. For future phases, it will be approved by the SharePoint governance
committee before being added to the SSP.
Workflows
Usage Reports
Development
All custom development efforts must be approved and managed by the
SharePoint governance committee and will be considered only when no out-
of-the-box options are available. Appropriate levels of security will be
imposed on all custom solutions and Web Part connections.
Staging/Authoring
The staging environment will mimic production while the development and
test environments are fully virtual environments and have a representation of
the data that’s in production. Production and Staging should never be more
than 1 week on different versions of the product or development projects.
Authoring will be performed in place by default for most pages, but the
primary site collection will be set up with content deployment.
Support
In order to provide the best possible support to Fabrikam.com, guidelines
have been created for the support of the environment. Over time, these
guidelines will be updated to reflect the increased supportability of
SharePoint and applications built on it within Fabrikam.com.
Classroom Training
Online Forums
Each member of the help desk that has been identified as a support for
SharePoint Products and Technologies should work with respective managers
and the SharePoint Service Owner to coordinate the appropriate training.
Support Availability
The following table describes the different support options available within
the organization.
Support Group Special Functions SLA
Level 2 & 3 Self- SharePoint FAQ Site Online /
Help Training Materials Normal
Business
Hours
Tier 1 General how to and SLA to be
troubleshooting questions from established by
Site Administrators / users the Site
Collection
Site Owners (Level 2 Guidance on layout and structure
& 3 Users) of site
Escalations to tier 2
Permissions
Tier 2 Site access issues (escalate to Call returned
Owners) within 24
Help Desk hours for
Change site ownership normal
Escalations to tier 3 priority; 4
hours for high
priority
Time to
Resolve 72
hours or
escalate
Tier 3 Increase storage quota 24/7 support
Create or delete portal sites with 4 hour
SharePoint maximum
Redirect or rename site response
Operations Team Site restore requests Time to
Resolve escalated issues / Resolve
escalate to tier 4 Maximum 1
week
Other- TBD
Scheduled Downtimes
Uptime requirements are 99.9% SLA including scheduled downtime. All
scheduled downtime should be performed during the outage window of
Friday night from 00:00 to 05:00.
Schedule Downtime is defined as times where Fabrikam.com notifies users of
periods of Downtime at least 3 days prior to the commencement of such
downtime or scheduled regular maintenance time.
Training
Levels of Training
Training will be conducted based on the permission level of the user of the
site. Training will be conducted and created by the Training department.
Full Control Users will be instructed on how and when to edit the
content of the site.
Manage Permissions
Users will be instructed on how to approve and publish
content changes to the site.
Approve Users will be instructed on how and when to edit the
content of the site.
Users will be instructed on the method to approve
content changes to their site.
Contribute Users will be instructed on how and when to edit the
content of the site.
Users will also be informed of the approval policy for all
content changes.
Additional more advanced training will be given to users in the roles of Infrastructure
Administrator, Designer, Developer, and Help Desk. This training will be conducted and provided
by a 3rd party vendor.
Appendix A: Server Diagrams
All environments will have this same configuration. All servers should be
Windows Server 2008 64-bit and SQL Server 2005 or SQL Server 2008 with
64-bit operating systems and 64-bit versions of SQL Server. The development
and test environments these boxes below represent the Images and not
physical machines. For Staging/Authoring and Production the servers below
are represented as physical machines.
MOSS
WFE
Query
Excel
Network Load
MOSS
Balancer
Index
Database
SQL 2000 or
SQL 2005
Active/Passive
MOSS Cluster
WFE
Query
Excel
Appendix B: Definitions & Acronyms
The following glossary includes common definitions and acronyms that are
mentioned within this governance document.
Appendix C: References
This document was created using the following sites and documents as
references.