How Do You Enforce Governance in SharePoint?

Automate it.

What does that mean?

Most IT departments and governance forums want to keep overly tight control on SharePoint for various reasons; but this doesn’t make it very palatable for end users to adopt. How do you find a happy medium?  Let’s look at some common issues and controls that can be automated :

Site sprawl – in Central Admin you can specify dormancy rules, so for example, you could specify that any site dormant for longer than 6 months will be automatically deleted and the Site Owner notified before the time.

Too much content – again configure in Central Admin on Site Collection level how much space can be allocated.  The owner can be notified when it is X percentage full and they must then either clean up what they have, or motivate for more space.

Security level of documents – this is the most common metadata field these days.  Save a versioned library as a template with a compulsory centrally managed content type in it and define in the governance plan that all libraries must be created using that template.

Documents may no longer be emailed – reduce the email attachment size on Outlook to the minimum, (so users can still work with their suppliers); make sure everyone has a site, has been taught how use it and how to send links to SharePoint.

Reduce support calls on the helpdesk – increase the upload limit of files, the default is 50MB for on-premise SharePoint.  Most videos exceed that easily. Bandwidth permitting, increase the limit on the platform so users don’t have to log calls for every large file.  (Manage expectations properly for low bandwidth areas though).

Manage permissions – it is impossible to manually monitor the activity of every single user on the platform.  Managing permissions in all versions of SharePoint is a bit of a nightmare – you need 3rd party tools to do this successfully. Evaluate them all and get one if you’re a large company.

Monitor activity on site level – instead of trying to watch every move of every user, give them the benefit of the doubt and put alerts on information you want to monitor.  Let SharePoint bring information to you.

Extract exception reports on site level out of box – empower users to extract their own reports on activity in the Site Collection by making sure the Site Collection Audit Settings have all been activated.  This is crucial for managing risk and security breaches on SharePoint. (Plan for this on a storage level because it will have an impact; but it is business critical functionality).

Approve important documents – put workflow or content approval on a library to manage these effectively.

Manage communications – put an announcement web part onto your landing page and make a rule that all company-wide comms have to go on there from now on.  Put an alert on for everyone to receive on a weekly basis.  Put in the expiry date on all comms so they leave the landing page automatically.  Keep all old announcements so new staff can catch up on the news and you have proof of information sent out for those who plead ignorance.

Built in user manuals – ALWAYS put in a proper description when creating lists and libraries that explains what settings have been activated in them, if they’re connected to any content types or site columns, alert settings, etc.  They are built in mini user manuals for anyone that has to take over site ownership from you.

Maintaining the server environment – outsource it if you don’t have the capacity inhouse; it can all be pro-actively monitored and managed remotely with instant alerts should anything go wrong.

There are far better ways to make use of your precious time than to micro-manage SharePoint.  Make technology work for you and free up your time to get back to what you do best.



  1. Bags have been received, with a bag with clothes well, the seller service is very patient, very enthusiastic. Thank you very much, the bag quality is also very good. Bags have been received, is leather. Very atmospheric, no color, good workmanship, more like the style, fabulous seller services, will come next has received the bag, very good quality, color is very positive, very innovative style, my wife liked. Seller service attitude is very good, very timely delivery.
    ray ban aviator imitation sunglasses


  2. I really like how you take the automation / empowerment route. In your experience, how much do you balance manual process with all the automation that the system do?


  3. @Cathie – no babe, I scheduled it. 🙂

    @Johan – yes good point, thanks for the reminder.

    @Mai – thanks love.

    @David – by security level I mean we need to classify documents with things like Secret, Confidential – Personal, Confidential – Business, Internal, Public, etc. Versioning doesn’t secure it, but it does protect stuff from being over-written. So you could kill 2 birds with one stone by having a compulsory metadata field in a content type that’s tied to a document library; add versioning settings to the mix and you can classify documents and protect work from being lost at the same time. Does that makes sense? I can try explain further if you like.


  4. Hi Veronique, Could you elaborate on “Security level of documents”. What is the most common metadata field? What is in this content type that is required in this library and how does this versioned library secure the document? guess I am totally clueless on this one, but I am intrigued.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.