This is a series of 9 articles. Click here for the full TOC

What type of policies that we need to create around SharePoint?

There are lots of policies that you can govern your SharePoint with it and it all depends on your environment. However, I am suggesting few categories that you must address and make some informed decisions on each topic.

Roles and Responsibilities Security Policies

After you have defined each role and responsibility, it is important to create a security policy around each role. For example you need to create a policy for the "System Administrator Security Policy" and ensure that this role gets the appropriate permissions.

Here is a template that I use to create security policies:

Security Policy Template

 

Policy Name: System Administrator Security Policy

Applied on: Production Environment, UAT Environment and Test Environment

Description: System administrators are added in the default local admin group which is called "Administrator".

Scope 

Group 

Permissions 

System 

Local: Administrators

Full Control

 

 Other security policies that you might want to consider:

  • System Administrator Security Policy
  • Backup Administrator Security Policy
  • SharePoint Farm Administrator Security Policy
  • SQL Administrator Security Policy
  • Active Directory Resource(s) Security Policy
  • Enterprise Security Administrator Security Policy
  • Enterprise Site Collections Administrator Security Policy
  • Site Owner (Team Sites) Security Policy
  • Site Owner (Publishing) Security Policy
  • Contributor Security Policy
  • Reader Security Policy

 Read Next: SharePoint Governance – Application Lifecycle Management Policies