Knowledge Management in SharePoint
Table of Contents
Effective Knowledge Management is a competitive advantage. It is critical to not only strengthen product and service differentiation but also designing and executing effective, sustainable, and also adaptive strategies at scale.
When knowledge is managed poorly the consequences can be significant, to include losses in productivity, efficiency, product & service differentiation, as well as regulatory compliance.
Using a technology stack like SharePoint can help protect knowledge assets and scale their impact across the enterprise.
Knowledge Management Competencies
In its natural state, knowledge is elusive and ever changing. It adapts to new circumstances. Explores opportunities. Tests hypothesis. Generates insights. Discards outdated assumptions. And starts the process all over again as information is updated. Knowledge management requires constantly investigating and challenging the status quo. It also involves protecting knowledge. Even when shared, knowledge needs to be managed by thoughtfully and effectively to be able to deliver consistent quality results.
Knowledge Management Competencies are a critical competitive advantage.
These competencies help leverage existing knowledge and experienced held within the enterprise, protect it, and create a differentiated product and service catalogue that scales.
People represent a key input into delivering on sustainable critical to quality and critical to customer outcomes. Knowledge management involves focusing on the following competencies:
Structure
This emphasizes how knowledge is stored, accessed, searched, evaluated, secured, consistency, and leveraged.
Retention
This emphasizes whether knowledge is accessible and available for use.
It also influences if engagement of available information is overwhelming or focused
Security
This emphasizes whether knowledge remaing a competitive advantage or is available to anyone, including the public, to access.
Access
This emphasizes whether knowledge is available to those who should have access to it.
It also involves making sure the knowledge is readable and useful
Storage
Decisions within this competency area involve onsite, in the cloud, hybrid, on devices, location, structure, permissions, security, and more.
This emphasizes user experience, accessibility, and costs.
Quality
This takes into consideration version control, formatting, useability, issues of data corruption, security, searchability, and more.
Quality management processes emphasize auditing, retention, disposition, and continuous improvement.
Search
This emphasizes usability, structure, analysis, ability to leverage available knowledge and information, storage, and more.
This emphasizes access to the right information, at the right time, by the right person.
Integration
This takes into consideration and impacts content structure, accessibility, storage, and searchability.
Security considerations also significantly influence what and how knowledge assets are accessed (applications, devices, etc.).
Analysis
Knowledge management requires having the ability to filter, and evaluate not only the assets themselves but also their combined relationships and insights.
This is done using default and configured lists, graphical dashboards, and reports.
Users
Knowledge management is all about the users.
This includes colleagues, customers, the public, funders, and regulators. Information distribution channels are configured and managed for the unique needs of each group.
Expenses
How knowledge is managed directly impacts the company’s bottom line, to include revenues, expenses, and vision to reinvest in future opportunities.
Cutting corners on knowledge management can impact the bottom line.
Compliance
Knowledge management involves a lot of information. Regulatory compliance is critical. Without it our stakeholders, customers, funders, and regulatory supports are left unsatisfied. The consequences can be loss in funding, customers, revenue, and licenses not to mention litigation.
Cloud based technologies can help companies to scale their knowledge management framework and deliver on all the metrics in this section
Knowledge management requires a structured thoughtful approach. Innovate Vancouver was engaged to build an Enterprise IT SharePoint program for a client. This involved building the program, product, and service architectures.
Identifying vaue drivers in the design and configuration of the product is critical if the implementation is also to drive value.
The following section includes artifacts from that engagement.
These case examples can be used as a starting point for building your company’s knowledge management program in SharePoint, tailored to the unique requirements of your environment and priorities.
The structure of the roadmap supports incremental engagement and delivery of features & capabilities that build upon one another.
Knowledge management is dependent on a business model and technology architecture stack to operationalize its capabilities.
The structure of the program and technology architecture models directly influences its scalability and performance.
A change management approach creates awareness and interest as champions and key stakeholders are identified.
These groups can help clarify priorities, pain points, and support execution of each phase throughout the program’s lifecycle.
The infographic in this section has helped to facilitate discussions with several stakeholder groups on the features to be deployed, the benefits to be realized, and further training that will be needed.
Peer led training is essential with ongoing monitoring and feedback on what is working and what needs to see improvement.
Design your change management and training cycle to align with the feature release roadmap. This will help build momentum and engagement through ajust in time design, planning, build, and implementatio approach.
Technical Case Examples
The following documents provide a high level overview of the Enterprise SharePoint Program’s business model, products and services, and a short introduction into information architecture.
Establishing and sharing configuration standards and best practices is needed to support self-service and alignment with the larger enterprise architecture framework. Without these standards, stakeholders and customers are less likely to manage their knowledge management assets similarly. Alignment, integration, and synthesis becomes increasingly challenging. Security standards compliance deteriorate, opening the company’s knowledge assets to intrusion, theft, if not corruption.
Understanding best practices and guidelines is just the first step. A framework needs to be in place to support ongoing compliance, auditing, evaluation, and training. A properly configured and managed technology stack can help to significantly scale these standards.
Program Management Case Examples
The following documents provide a high level overview into best practices for SharePoint design, Information Architecture, and a short introduction to records management. These are case examples that are configured to the unique needs of each client. The first case example explores whether or not SharePoint could be used as an IT Portfolio Project Management Wiki. The second example explores information architecture best practices for a company’s enterprise SharePoint intranet site.
Knowledge Management Assets – Defense in Depth
The structure of knowledge assets influences its accessibility, usefulness, and evaluation. This structure also influences how easily a security framework can project these assets from theft, loss, or corruption.
The Open Systems Interconnection (OSI) model provides a useful guide for evaluating security risks and mechanisms to manage them across the software stack. Leveraging additional insights from the Architecture Development Model (ADM), solutions architectures, developers, product owners, and stakeholders are empowered to simultaneously evaluate and design their business, systems, and software architecture models to strengthen integration, security, and delivery of value.
Expand the following accordion to learn more about some of the Microsoft tools and processes available to protect knowledge assets in Azure and SharePoint.
Purview
Identify Your Data
Sensitive Information Types
Trainable Classifiers
Data Classification
Protect Your Data
Sensitivity Labels
Azure Information Protection Unified Labeling Client
Double Key Encryption
Officed 365 Message Encryption
Service Encryption with Customer Key
SharePoint Information Rights Management
Rights Management Connector
Azure Information Protection Unified Labeling Scanner
Microsoft Defender for Cloud Apps
Microsoft Purview Data Map
Microsoft Information Protection SDK
Prevent Data Loss
Microsoft Purview Data Loss Prevention
Endpoint Data Loss Prevention
Microsoft Compliance Extension
Microsoft Purview Data Loss Prevention On-Premises Scanner
Protect Sensitive Information in Microsoft Teams Chat and Channel Messages
Priva
In Draft
Defender
Microsoft 365 Defender
Microsoft Sentinel
Microsoft Defender for Cloud
Sentinel
200+ Connectors
Threat Intelligence
Automation
Artifical Intelligence
In Draft
In Draft
Knowledge Management File Plan Architecture
The file plan is used to create policies and labels that are then applied to specific document types and locations.
The following section provides a high level overview of the metadata included in a records management file plan and their functional definitions.
Refer to the addendum table beginning on page 22 in the information architecture guidelines (PDF) above to learn more about what is required for each column on the file plan: Format, Required (y/n), and additional parameters. The following file plan includes the following fields and metadata, emphasizing retention labels and the actions to be taken when the time period has ended.
Label Name
This property
specifies the
name of the
retention label
and must be
unique in your
tenant
Comment
Use this property
to add a
description about
the retention
label for admins
Notes
Use this property
to add a
description about
the retention
label for users
Is Record Label
This property
specifies whether
the label marks
the content as a
record
Retention Action
This property
specifies what
action to take
after the value
specified by the
RetentionDuratio
n property (if
specified)
Retention Type
This property
specifies whether
the retention
duration (if
specified) is
calculated from the
content creation
date, event date,
when labeled date,
or last modified
date
Reviewer Email
This property
specifies the
email address of
a reviewer in
your tenant for
the
KeepAndDelete
retention action
Retention Duration
This property
specifies what
action to take
after the value
specified by the
RetentionDuratio
n property (if
specified)
expires
Reference ID
This property
specifies the
value that’s
displayed in the
Reference Id file
plan descriptor,
which you can
use as a unique
value to your
organization
Department Name
This property
specifies the value
that’s displayed in
the
Function/department
file plan descriptor
Category
This property
specifies the
value that’s
displayed in the
Category file plan
descriptor
Sub Category
This property
specifies the
value that’s
displayed in the
Sub category file
plan descriptor
Citation Name
This property
specifies the
name of the
citation
displayed in the
Provision/citati
on file plan
descriptor
Citation URL
This property
specifies the
URL that’s
displayed in the
Provision/citati
on file plan
descriptor
Citation Jurisdiction
This property
specifies the
jurisdiction or
agency that’s
displayed in the
Provision/citation
file plan
descriptor
Regulatory
This property
specifies
whether the
label marks
the content as
a regulatory
record, which
is more
restrictive
than a record
Event Type:
This property specifies an event type used for event-based retention
There are two types of labels often emphasized in SharePoint document management. Retention labels specify how long an object is retained, and the actions taken after that time has passed. Sensitivity labels are configured in another compliance dashboard, and are used to specify ‘confidential’ object types and the actions that can be performed once the label is applied.
Many of the fields in the file plan are ‘optional’ whereas others are ‘mandatory.’ Relationships also exist between the fields.
For example, if ‘regulatory’ and ‘record’ is flagged as ‘yes’, several other fields are now required to configure the document management software so that it knows what to do after ‘x’ amount of time (retention) has passed (delete automatically, disposition review, etc.). If the action ‘disposition review’ is marked the field ‘reviewer email’ also needs to be populated.
Some fields can not be modified once applied. For example, ‘is record’ marked as ‘yes’ applies the record metadata to the document type indicated in the file plan. Once this record metadata is actively applied to that document type, in the specific location (SharePoint, Teams, Outlook) indicated, it can not be removed or modified. This makes sure the record is managed as intended.
Microsoft Exchange Online Information Protection
Exchange Online is integrated with Microsoft 365 as a messaging service that expands on the suite of applications available in M365.
Exchange Online stores copies of files shared through email as well as applies its own independent labels and settings to protect your company’s information assets. Security of information assets in Exchange Online mirrors how it is also being managed in SharePoint, Teams, and OneDrive. Each application is configured based on how it is used: individual user, groups, internal, vs. public access & sharing.
The graphic to the right provides a high level overview of some of the assets and features available in Exchange online. Microsoft and Azure Information Protection is configured (including retention labels and sensitivity labels discussed in this module) to protect these assets.
Security and asset management is configured for each container, application, device, user, and endpoint. Monitoring of security risks, alerts, violations, use, workflows, and costs, etc., uses dashboards specifically configured for each security module.
Information Architecture Guidelines – Planning Tool
Enterprise architecture security begins with an evaluation of vulnerabilities, risks, and requirements of the information assets managed. Knowledge management begins with the architecture of knowledge itself.
The taxonomy of knowledge is mapped against security settings, container architecture, and a technology stack that delivers additional user features, requirements, and capabilities. When integrated with additional applications, knowledge management capabilities are empowered to be managed, accessed, and secured from within a series of central administration dashboards. An interactive planning tool is provided below to begin drafting information architecture guidelines.
Well Architected Framework
Effective knowledge management is a critical competitive advantage. Designing the framework starts with a review of the business case, regulatory environment, stakeholder priorities, and available technology. Bulding and testing the framework will often incorporate a release schedule that priorities features and user groups based on priority and readiness.
Maturity models can be benchmarked to evaluate the sophistication of an individual knowledge management framework but will often provide limited insight into whether the solution is fit for purpose within a specific environment.
Having a deep understanding into the business case, present state, and future state vision for the company/industry is critical.
A generic timeline is provide below to help illustrate a high level design-build-implementation. Scroll to the right to view the timeline. Scroll up and down to view all information included within each phase.
Knowledge Management Framework – Program Planning Tool
A template for drafting the plan for your knowledge management program is included below. The information architecture guidelines and file plan are direct inputs into the design of the program framework.
Innovate Vancouver is a Technology and Business Consulting Service located in Vancouver BC.
Travis Barker, MPA GCPM
Consulting@innovatevancouver.org