My post on ‘Measuring the value SharePoint 2010 can bring to your organisation’ caused a few comments, for example, Stephen Arnold posted ‘SharePoint: The new black?‘ and an intranet professional said ‘I’m struggling to find the value I expected, at least obvious enough to sell to management’.
The real lesson you must learn is IT IS HOW YOUR ORGANISATION USES SP2010 THAT WILL DECIDE WHAT VALUE IT BRINGS.
As part of your SP2010 strategy you need to get the governance right for your organisation – restricted if you are highly regulated, looser if you are creative and innovative – for publishing and for accessing and using the information.
Setting the right level of permissions for people publishing and using SP2010 is critical to the value it can bring to your organisation
What level of control do you want to have centrally? What level of control do you want publishers to have?
I know of two organisations of similar size (100,000+ people) that have decided on who should be site collection administrators. One organisation has less than five while the other has made everyone who publishes a site collection administrator. Both may be right but that is a big, big, difference! For me this is the key role for SP2010 publishing. Much to my surprise I could not find a role description on Microsoft’s site but it should include:
Advising users how to access and use SharePoint, granting or removing access to the Site Collection
Regularly reviewing the content published for best practice.
Logging service faults and dealing with day-to-day enquiries from site users.
Agreeing and implementing the structure and access control permissions required for sites, lists, and document libraries.
Referring users to relevant documentation and support processes.
Helping users understand how they should use it appropriately.
Making sure relevant policies, such as information security and information retention, are understood and followed by users.
Making sure users have the necessary skills to use the Site Collection.
Making sure that the Site Collection is renewed or deleted by actioning the site expiry messages.
You must be very careful about who you give site collection administrator rights to. There are other levels of permission you can give publishers to create pages and sub-sites, edit content or just read only for some parts of the site collection without making them site collection administrators.
There are good reasons for making people site collection administrators. It cuts down on the central administration, training, awareness and education if a lot of this is done at site collection level.
It is vital you have a long term strategy if you are planning to use SP2010 in a big way. This may involve using SP2010 for collaboration, document management, content management, etc.
It may be right to give site collection administrator rights to encourage collaboration and innovation by removing any unnecessary barriers that prevent this happening. But you really want tighter management of the corporate memory in documents with an audit trail and limit permssion rights to a few.
How you get the balance right and assign different levels of permission to MySite, TeamSites and MyProfile is critical to whether SP2010 brings the value your organisation expects or not.
In my next post I will cover the value to be gained by setting the right level of permissions for people using the information published.