An interesting question was posted to the interwebs via Twitter. Someone was searching for information on governance for small to medium businesses (SMBs) -- specifically as it applies to SMBs, rather than large enterprises. My initial reaction was that there is no difference. Much of my professional experience has been in project management and business analyst roles, helping organizations large and small to define, deploy, and maintain governance and change management infrastructures. In my experience, the core principles of governance for a large enterprise -- the defined roles, the scope of activities, the best practices on how to manage it -- are equally true for the small or medium business.
But is this, in fact, true? Are the principles of governance different for SMBs than they are for the enterprise?
Clearly, how you apply governance evolves as your organization grows. Policies and procedures and roles will be developed and rolled out as the size and scope of your systems increase. Likewise, there are organizational structures and business needs that require strict control over their SharePoint environments…..but that could be said for smaller companies in tightly controlled fields with heavy regulatory oversight. Smaller systems do not equal simpler systems. You can have a very small SharePoint deployment, for example, by way of users (lets say under 100 people) and amount of content (less than 200 gigs), but how you use your environment could require complex permissions and policies, both proactive (how you actually build out your environment to guide people to the right place) and reactive (let users and administrators know when limits have been reached or policies have been broken, and automate the next steps, as possible). Other things that may vary depending on size and complexity are the actions to be taken, the degree of documentation that is captured and tracked, and the number of steps taken, formal or informal, to resolve issues.
But does any of that make governance different for SMBs? I don't think so. These differences really have nothing to do with the core principles that make your governance model successful:
Understand your current system: how it works, how it is managed, strengths and weaknesses.
Define your future system: regulatory and compliance requirements, reporting and dashboarding (business intelligence) requirements, roles and responsibilities.
Perform a gap analysis: understand what it will take to get your system from where you are today to where you want to be, with a detailed analysis of the capabilities (and shortcomings) of your platform and tools.
Execute and manage the changes: as you deploy the new system, you'll learn and grow and make adjustments to your governance model. At the center of this process is having a strong change management process, and to provide transparency to the organization so that people know what is happening, and can see the progress and priority of their change requests.
These principles are true no matter what the size of the company. You can argue the granular components (things like item-level permissions, or document retention roles) but the fact is that some small organizations need complex governance infrastructures, and some massive organizations prefer keeping their governance models as simple as possible.
Go punt. #governance #InformationGovernance #ElectronicRecordsManagement #reporting #compliance #SharePoint #informationmanagement #knowledgemanagement