Security Governance
SharePoint security governance is based around ensuring the confidentiality, integrity, and availability of information and services, while also ensuring that operational activities comply with relevant compliance requirements.
In establishing a workable SharePoint security governance model, it is important to consider who is responsible for what. An example governance model is depicted below.
A Governance model is established through:
- Identifying appropriate roles and responsibilities;
- Structuring the roles and responsibilities to achieve proper accountability and delegation;
- Determining security activities;
- Establishing processes for the continual monitoring and control of activities;
- Ensuring that these activities take place.
Example security roles and responsibilities
| Responsibility | Assigned to | Escalates to |
| Ensure appropriate access controls on information | Site owner | SharePoint Governance board |
| Ensure secure site configuration (e.g. audit logging) | IT administrator | SharePoint Governance board |
| Ensure secure infrastructure configuration | IT team | IT Director |
| ... | ... | ... |
Example security procedures
Procedures may be required:
- Assess the business impact of change;
- Request access to sites;
- Request creation of new site / site collection / web application;
- Manage new user requests;
- To assess new SharePoint add-ins.
Example security activities
Secure site configuration in SharePoint includes:
- System administration;
- Content sensitivity assessment;
- Audit logging;
- Document versioning;
- Access controls;
Most Popular
4 weeks 6 days ago
19 weeks 5 days ago
36 weeks 5 days ago
39 weeks 5 days ago
44 weeks 2 days ago
41 weeks 5 days ago
34 weeks 4 days ago
32 weeks 6 days ago