Every successful business owner knows there is a single critical element to maintaining an effective business: systems.
Without systems, a business can quickly spiral into chaos – becoming highly inefficient and leaving the door wide open to compliance, financial and even reputational risk.
For a system to function properly, it needs clear processes and rules for people to follow. These processes and rules are otherwise known as ‘governance’.
Quality governance is important in all areas of a business, but particularly for IT systems. As the foundation of any modern business, allowing chaos to fester in your IT environment can lead to serious and systemic issues that take time and money to resolve.
Governance documentation creates clarity
For people to follow processes and rules, they need to know what they are.
A centralised governance document provides the space to record all the rules and processes associated with your IT environment – and this can then be shared with others in the business and used to create relevant guidelines or cheat sheets for people to refer to.
The level of specificity in your governance document depends on the nature of your business and the tools you use. You may only use Microsoft’s Word, Excel and Outlook so your processes and rules could be relatively straight forward. On the flip side, your business may rely on a full suite of IT software and apps so your governance document would require more detail.
It’s important to look across the business and ensure there is effective governance for all IT tools.
For example, you may not see the need for governance for a platform such as Microsoft Teams. Yet we often see huge problems arise in an organisation that has let their Teams use spiral out of control. Hundreds of random Teams with no rhyme or reason as to why they are created, or how they are named, ends up impacting productivity and even security.
What goes into a governance document
Here is a sample of the sections and information that your governance document should contain…
Roles and responsibilities
- Who in the organisation is responsible for governance?
- What activities are they required to do?
- How often do governance teams meet for a review?
- When and how is the governance document updated to reflect changes, improvements, new technologies, and so on?
User access
- What level of access do employees/teams have to information or certain IT tools?
- How is confidential data protected?
- How is vendor or guest access managed?
Custom development
- What is the process for developing new tools (such as an app)?
- What is the process for customising existing tools?
Support and management
- How do staff create a support ticket when they encounter an issue?
- What are the various levels of support and who provides them?
- What service level agreements are tied to support tickets?
Licence management
- How do we licence people in our business to use software?
- Which licence type applies to which roles (i.e.: standard vs premium)?
- What is the process to cancel a licence?
Monitoring and alerts
- What monitoring do we have in place to ensure security of our systems?
- For manual monitoring, who is responsible and how often should they monitor?
- What is the process when we identify an issue (such as low storage space)?
System auditing
- When do we conduct audits?
- How do we audit systems in a compliant way?
- What is the process for rectifying an issue identified in an audit?
Naming conventions
- How do we name documents, files, Teams, and so on?
- How do we communicate naming convention rules with staff?
- What is the process to fix an incorrect file or Team name?
Archiving and backup
- How do we archive?
- What do we archive and when?
- How long do we keep archived documents?
- How quickly should people be able to restore backups?
- How do we delete archived documents and do we also delete them from backups?
Professional support to develop a governance document
While developing a governance document does take time, it’s extremely important to get right. There is no single “perfect governance document” that works for all businesses, so engaging a professional to streamline the process and ensure everything aligns with best practice is a great place to start.
A professional will also know how to help you avoid pitfalls that can occur when developing a governance document – particularly for sections that are more technical. In addition, they will be able to tailor your document to match your business’s level of complexity and maturity so it’s entirely fit for purpose.
At Antares, we’ve supported many organisations to develop comprehensive and practical governance documents that align with best practice. As a Microsoft Gold Partner, we have an in-depth understanding of all Microsoft components and how they interact, as well as how your business can get the most value from them.
We can also guide you on uncovering any governance issues you currently have, and develop strategies to address them.
Once the governance document is complete, we will provide you with a prioritised action list to further support your governance activities and get your business running like clockwork.
For help creating a comprehensive and practical governance document for your business, please get in touch.