Can an organization ensure continuous, profitable and sustainable development without clear and well-functioning IT Governance for associated services?
Today we have access to a giant toolbox with a wide variety of newest and coolest solutions. At this time of digitization and continuous development, at an ever increasing rate, it is easy to be dazzled by the excellence of technology.
When we make this technology/services available for the organization's users, it becomes easy for them to learn and embrace the technology. This in turn leads to a rapid growth of information and the way it is used, handled and shared varies. This quickly leads to losing the overview and basic control of the services for which You are responsible.
One thing that everyone talks about, but few know, is IT Governance. My experience is that there are many definitions of what this is and how it should be handled. It would be interesting to hear how you handle this for your organization's different services, especially when it comes to Microsoft Teams. What actions and activities do you consider to be as a minimum to establish good basic IT Governance for Microsoft Teams?
There are many different regulations that apply based on country and industry that will be the biggest factor to consider, but beyond that the move is to allow users more self-control and self-administration.
If you can establish an understanding among users that the status of their self-service sites and teams compared to more formal official structures then this doesn't need to specifically break governance approaches. It's pretty much the same as people go through with Yammer, just because it's on Yammer doesn't mean it's official unless it's a link to an official source, well the same approach can be applied to Teams.
The problem with tight governance tends to be that it drives users to make poor decisions around information security, if the process to get a Team is onerous, just go to public service like Slack and use that.
Thank You for Your response Steven! I agree with You that the process of getting a team should not be too tight. However, "Service Owners" and/or administrators often need to have some fundamental control of usage, security settings and compliance. Provided that you do not have any specific regulatory requirements, what do You think is most common/most effective? Is it enough to only inform (using guidelines) or are there some basic mechanisms that always should be implemented to control the use?