Sharepoint 2010 : Planning for Governance (part 4) - What Is in the Governance Plan - Policies and Standards

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
2/7/2014 2:23:09 AM

3.4 Policies and Standards

Policies define rules for SharePoint use; standards describe best practices. From a governance perspective, policies are usually driven by statutory, regulatory, or organizational requirements. Users are expected to meet policies without deviation. If your organization is subject to regulatory oversight, be sure you can actually enforce your policies because a failure to do so may target you as being noncompliant. Standards are usually established to encourage consistent practices. Users may adopt some elements of the standard that work for them while not implementing others.

As applied to the topic of file names, a policy might state, “Do not include dates or version numbers in file names,” while a standard might state “File names should be topical and descriptive.” In another example, the policy might state “All SharePoint sites will have a primary and secondary contact responsible for the site and its content,” and the standard might state, “The site contact is listed on the site home page and in the site directory.”

Each organization will have its own set of policies and standards. General topics should include content oversight, site design, branding and user experience, site management, back-end systems (hardware, software, and database management), and security. To ensure your content is relevant, do the following:

  • Verify that your SharePoint polices and standards do not conflict with broader organizational polices.

  • Publish policies and standards where users can easily find and follow them. Some policies may need to be published to “all readers,” while others may need to be secured to protect the integrity of the application.

  • Regularly review and revise policies and standards to keep them aligned to organizational needs.

The next sections describe some specific examples of policies and standards that you might want to consider for your organization. This is not an exhaustive list but includes some reusable ideas to consider.

Content Policies and Standards

Consider the following example content policies and standards, each of which is discussed in more detail in this section:

  • Posting content to existing pages or sites

  • Posting content to the home page

  • Content auditing and review

  • Records retention

Posting Content to Existing Pages or Sites

You will definitely need a policy or standard to ensure that the “one copy of a document” guiding principle is enabled. Take a look at the Content Contribution and Ownership sidebar that follows for a good policy to guide users regarding only posting content that they “own.” In addition, consider creating policies for these other content topics:

  • Content posting cycle. Create a policy to remind users to delete content from its original source or collaboration environment when it is “published” to the official SharePoint repository (or use automated content disposition policies to make sure this happens routinely).

  • Content editing. Because content contributors on one site might have a link to content on a site they don’t own, it is important to have a standard reminding users to “edit documents in place” so that links do not break.

  • Content formats and names. Decide whether you need policies for where certain types of content are stored in your solution and whether or not you need file naming standards. Consider a policy for defining what types of content belong in your SharePoint solution and what types of content belong in other locations. Given the rich search capabilities in SharePoint, it is not always necessary to define strict standards for file names other than to encourage users to choose names that will help someone else identify the file contents.

  • Content containing links. Clearly define who is accountable for making sure that links in content or on a site are not “broken.”

Sample Policy: Content Contribution and Ownership

Site Sponsors are accountable for ensuring that the content posted on their pages is accurate and relevant and complies with records retention policies.

Only post content on a collaboration site or in My Site that you “own.” Ownership means that the document is or was created by someone in your department, and your department is committed to maintaining the content for its entire life cycle. If a document is not owned by your department, but access to the document is needed on your site, ask the owner to post it and then create a link to it on your site.

Do not post content that you do not own the legal right to post electronically, including .pdfs or scanned images of journal articles or other documents from sources to which your organization does not have online publishing rights. A link may be created to this content on the content owner’s Web site.

Posting Content to the Home Page

You will definitely want to consider creating a specific policy for posting content to the home page of your portal solution. Most content on the home page should be carefully controlled, especially for your intranet. After all, you get one chance to make a first impression, and your home page is where users get that impression! On an enterprise intranet, the home page can become a battle for “real estate” among several business units, usually Corporate Communications or Marketing and Human Resources. Even if your “solution” is a project team site, you will need to carefully consider how information is presented on the home page of the site and who is allowed to create and place content in this critical location. Some organizations solve the battle for home page real estate by assigning areas of the page (“neighborhoods”) to specific departments. Others assign primary ownership to one specific department (often the department responsible for internal communications) but use the Portal Governance Board or Steering Committee to provide oversight and escalation if there are disagreements about content.

Content Auditing and Review

Consider a policy to define the frequency and type of review that you will have on each type of content or site. All content posted to enterprise-wide sites should be governed by a content management process that ensures content is accurate, relevant, and current, but even private team sites should have a content management strategy. For most sites, the maximum content review cycle should be no more than 12 months from the date content is posted. Confirm that your review cycles conform to any regulatory or statutory requirements.

Records Retention

Be sure you define clear policies regarding how your records retention policies will be implemented in your solution and the responsibilities content owners have to identify content as records and associate the appropriate record retention code to a given content item.

Design Policies and Standards

Consider creating policies and standards for each of the following design elements:

  • Creating new subsites

  • Page layout and organization

  • Content Types and metadata

  • Content-specific guidelines/policies

  • Security

  • Branding

Creating New Subsites

If individual “end-user” site owners will have permissions that enable them to create their own information architectures for sites under their control, it is important to provide some guidance to help them understand best practices for creating nodes in an information hierarchy. For example

  • Content ownership. If a particular business group is the primary owner of all of the content to be posted on the page or site, creating a separate subsite (“node”) for that business group probably makes sense.

  • Security. If a significant group of content is highly sensitive, create a separate subsite, workspace, or node to more easily control the security settings for that content.

  • Database administration. If there is a need to backup, restore, or otherwise manage content in a single group, having a unique subsite or page for that content will make these processes easier to manage.

  • Navigation. Minimize the levels of nesting in the information architecture. It is a good practice to keep the number of levels in the hierarchy to no more than three so that users do not have to continuously “click through” to get to critical content. If a new node in the architecture is not needed for any of the other reasons just outlined, don’t create it.

Page Layout and Organization

Nothing makes a site more confusing than a random collection of disorganized Web Parts cluttering a page. Anyone with page design permissions needs to remember the guiding principle about focusing on the end user, but these page designers should also be familiar with general design usability best practices. Usability guru Jakob Nielsen publishes a bi-weekly newsletter with excellent advice, best practices, and tips for Web page designers. You can sign up to get your copy directly in your e-mail inbox at Some of the recommended best practices for page design include

  • Consistency. Establish a standard design for all pages of each site to ensure that users can navigate without getting surprised by changing page layouts.

  • Speed. Make sure that users can get important information as quickly as possible.

  • Scrolling. Does the page layout require that users scroll up or down or left to right to find important information? Design a page to fit your organization’s standard screen size and then make sure that users do not have to scroll to find the most important information or Web Parts on the page. Scrolling should never be tolerated for critical information.

  • Important content in the upper left. Put the most important content toward the top-left part of the page. This is where readers will “land” visually when they get to the page. If the most important information is in this location, chances are better for capturing the user’s attention than if the information is buried somewhere else on the page.

Content Types and Metadata

A Content Type is a collection of settings that define a particular type of information, such as a project plan or financial report, and can be defined for the entire enterprise, for an entire Site Collection, or it can be defined “locally” for a specific page or site. Site Columns are the “properties” of a particular type of content. Columns are part of the attributes or properties of a Content Type. Site Columns can also be defined across the entire solution or for an individual site or Site Collection. Content Types and Site Columns are both types of “metadata” in SharePoint 2010. The values for many Site Columns (metadata) are specific to specific sites.

Social Tags and Ratings

Social feedback, content added by users as tags and ratings, is new in SharePoint 2010. These capabilities allow users to participate and interact with your SharePoint solution and improve content “findability” by allowing individuals to supplement formal classification with additional tags they find personally meaningful. Social tags refer to metadata that users add to content to help define what it is, what it includes, or what it does. Your governance policies should include guidelines for how you want users to participate in social tagging and provide guidance and examples of meaningful tags for your organization. You should also make sure that users understand that social tagging uses the Search Index to provide security trimming on content that is stored in SharePoint, which means that users will be able to tag confidential documents, but those tags are not visible to anyone who doesn’t have read access to the document.

If you choose to activate the Ratings feature in SharePoint 2010, users will have the option to “rate” documents (and pages) on a scale of 0 to 5 stars. Your governance plan should document how you intend to use ratings in your organization—for example, are you asking users to rate whether they think the content is well-written or whether or not they think it is useful? An October 2009 article in the Wall Street Journal cited a statistic that states when consumers write online reviews of products, they tend to leave positive ratings: The average rating for items online is 4.3 stars out of 5. If you want to have meaningful ratings on content in your organization, you will need to define your expectations and make it clear to users how ratings will be used. Obviously, if all the ratings are positive, it’s going to be hard to find value. Some organizations try to identify stellar examples as best practices, but this is a very difficult process to sustain over time without dedicated resources. Allowing users to rate content as they see fit may help identify potential best practices, but you need to be careful about assuming that low-rated content is necessarily “bad.”

Content-specific Guidelines/Policies

High-impact collaboration solutions ensure that content is easily accessible by end users. This means that the content is not just “findable,” but that it is structured and written to be consumed online. Assuming that your content contributors are good writers to begin with, they may not be familiar with best practices for writing for the Web. It’s helpful to provide some standards and policies for specific SharePoint lists and libraries. Following are several examples of standards, policies, and best practices you may wish to consider for your solution.

  • Blogs and wikis. End users should be aware of what your organization considers appropriate for posting social content to personal sites such as blogs and wikis. While in some organizations, blogging about your hobbies is acceptable; in others, it’s not. Be very thoughtful about how you define governance policies for social content because you need to be sure that you are not placing so many rules on your content that you will discourage content contributions. There is no single right answer for every organization. 

  • Announcements. Overall, the tone of all text should be concise and helpful. For announcements, create a descriptive but succinct title. In the announcement text, put the important information first and write briefly, using no more than four to five sentences. Try to avoid using large fonts and avoid lots of white space in announcement text. Do not underline anything that isn’t a hyperlink. Make the link text a concise description of the link so that it aids the reader in scanning:

    • Bad: Click here for the latest application form

    • Better: Download the latest application form

    • Best: Download the latest application form

  • Discussion boards. Effective discussion boards must have someone who will serve as the discussion board moderator to ensure that questions are answered and that the discussion board adds value. In some organizations, you will need to consult with the Legal department to ensure that information about products, research, patients, data, regulated content, or legal issues are appropriate in online discussion boards.

  • Picture or video libraries. Content posted to picture or video libraries should be business-related and appropriate for publication in the corporate environment. Be sure to obtain permission from any individual in a picture or video that will be posted to a site before it is uploaded. Also make sure that your organization owns the image or has obtained the proper licenses for its use.

  • Links. In some cases, users and site designers will have the option to indicate whether or not a link should open up in a new window. In general, the following standards are recommended for links:

    • Links to documents or pages within the Site Collection: Do not open in a new window.

    • Links to documents or pages in another Site Collection: Open in a new window.

    • Links outside your intranet (to another application within the company or to an Internet site): Open in a new window.

  • Document libraries.Consider how documents will be used when you upload to SharePoint. Documents may be uploaded to SharePoint using almost any document format (Word, .pdf, Excel, PowerPoint, and so on). If you upload documents in their native formats, users will be able to download them and easily edit them to create their own versions. Unless they have Contributor privileges to a library, they will not be able to post them back to the same sites. Documents that might be reused as an example for others should always be uploaded in their “native,” editable formats. Documents that must be protected from editing or changing, even on a “private” copy, should be uploaded in a “protected” format or with passwords for editing. Consider the .pdf format for very large documents given that this format will reduce the file size and thus download time for others.


Security considerations are one of the most important design elements for a SharePoint site. It is important to think about security during the design process because understanding how objects will need to be secured on the site will affect the site structure, page layout, and metadata design. Considering that in almost all SharePoint deployments, end users will have some capabilities to manage security for sites they control, it is critical to ensure that anyone with permissions to assign security understands how SharePoint security works.

SharePoint provides the capability to secure content down to the item level and provides multiple options for creating security groups. This is both a blessing (due to the flexibility it enables) and a curse (because it makes it very easy for users to create overly complex and virtually unmanageable security models). As a best practice, it is helpful to offer “security planning” consulting to users who are new to SharePoint because planning security can easily fall into the category we call “Don’t try this at home.”


The Corporate Communications department (or its equivalent) in most organizations will typically define branding standards for your intranet and Internet presence. A key governance decision you need to think about is whether the corporate branding can be changed in a given SharePoint Site Collection. There may be valid business reasons to deviate from the corporate brand: For example, you may want an extranet collaboration site that is “co-branded” with your organization and a partner. Within an intranet solution, users may find it confusing and wonder “Where am I?” if the site branding changes from site to site, so you need to consider defining branding standards and policies with the site user in mind. Using some elements of color or brand variability in the site branding might help reinforce your security model. For example, you may want the site “brand” or theme to communicate the security model on the site—one theme or brand for enterprise-wide intranet sites and another theme or brand for secure team sites. This can help to provide visual cues to content contributors, reminding them when they post to a site with the “public” brand, the content can generally be seen by everyone in the organization.

  •  PowerShell for Microsoft SharePoint 2010 : Variables in Windows PowerShell (part 4) - Automatic Variables , Preference Variables , Environment Variables
  •  PowerShell for Microsoft SharePoint 2010 : Variables in Windows PowerShell (part 3) - Properties and Methods
  •  PowerShell for Microsoft SharePoint 2010 : Variables in Windows PowerShell (part 2) - Data Types
  •  PowerShell for Microsoft SharePoint 2010 : Variables in Windows PowerShell (part 1) - Working with Variables
  •  Sharepoint 2010 : Making Search Work - Configuring Search
  •  Sharepoint 2010 : Making Search Work - Analyzing and Designing Search (part 2) - Creating a Design Document
  •  Sharepoint 2010 : Making Search Work - Analyzing and Designing Search (part 1) - Creating a Business Requirements Document
  •  Sharepoint 2010 : Making Search Work - How SharePoint Search Works
  •  Sharepoint 2010 : Making Search Work - Using Search
  •  Security Tips From The Spymasters
    Top 10
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
    - Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
    - Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
    - Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
    - Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
    - Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
    - First look: Apple Watch

    - 3 Tips for Maintaining Your Cell Phone Battery (part 1)

    - 3 Tips for Maintaining Your Cell Phone Battery (part 2)
    programming4us programming4us