Live from SharePoint Conference 2012.

This is a partner session by AvePoint.

Governance

20% CIO’s will lose their jobs for failing to implement discipline of information governance (Gartner Research 2016 Prediction).

IMAG0221

Requirements for IT Governance:

  • people have to be involved; an Executive sponsorship is mandatory to make governance project successful
    • IT: Architect, IT operation & administration
    • Business Owners: workload owners, departmental & functional owners
    • Back Office: Finance, Legal, HR and Communication teams
  • define a set of policies
    • Infrastructure
    • Operations
    • Information Architecture
    • Information Management
    • Project Management
  • define process to apply policy
    • Manual: encouragement, resource intensive, human error
    • Semi automated: PowerShell scripts, 3rd party tool
    • Automated: custom application, 3rd party tool
  • use some technology to assist processes and policies implementation

IMAG0221

 

Compliance, Risk and Privacy

  • Risk is the potential that a chosen action or activity will lead to a loss. The notion implies that a choice having an influence on the outcomes exists.
  • Compliance means conforming with stated requirements.

Challenges of compliance obligations and risks to information:

  • intellectual property and trade secrets
  • sensitive customers
  • collaboration on strategy
  • personal information
  • legal and compliance obligation

IMAG0221

Some specific risks to consider:

  • confidentiality leaks
  • loss of data integrity
  • no access to or availability of data

Questions to ask:

  • how do we protect the data
  • how do we reduce the risk of exposure
  • how do we quickly find information
  • how to we prepare for litigation and eDiscovery
  • how do we ensure policy consistency
  • how do we scale the compliance solution to the enterprise
  • how do we control cost
  • what is our cloud strategy

Don’t just focus on what you can see.

Creating and maintaining a compliant SharePoint environment is a continuous process:

  1. analyze the current environment
  2. identify non compliance
  3. prioritize the business needs
  4. diagram new security boundaries
  5. architect
  6. undertake migration
  7. maintain control

 

How do we control

IMAG0222

Cloud readiness assessment:

  • assess existing sites and content
  • report on and classify content
  • design compliant information architecture
  • determine cloud migration approach