Draft
Knowledge Management in Sharepoint - Article:
https://innovatevancouver.org/2022/10/10/knowledge-management-in-sharepoint/
Contact Innovate Vancouver to help on your next project!
Travis Barker, MPA GCPM
Consulting@innovatevancouver.org
http://innovatevancouver.org
2. Page 1
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
Executive Summary
SharePoint & Teams are products of Microsoft Corporation ™. The following guidelines
are borrowed from the larger Microsoft Community and provide an overview of best
practices for structure and managing SharePoint, Teams, Document Libraries, and
Associated Assets based on Company requirements and user needs. This guidelines
document will be updated as best practices are refined.
The following document is structured based on best practice domains. Each section
identifies the domain area being reviewed, current recommendations, future
recommendations, out of scope items, next steps, and a discussion of domain risks to
consider.
Table of Contents
1. Executive Summary
2. General Document Management Principles: Overview
3. Storage
4. Site Structure & Hierarchy
5. Flat Site Structure
6. Navigation
7. Branding
8. Search Architecture
9. Permissions
10. Security Best Practices
11. External Sharing
12. Naming Guidelines
13. Provisioning Automation
14. Metadata Standards
15. Taxonomy & Term Stores
16. Microsoft Information Protection
17. Company Record Types, Sensitivity, & Retention Label Themes
18. Re-usable Architecture Models
19. Records Management Labels & Conditions
20. Retention Labels & Policies: Capability Matrix
21. Basic Retention Settings Matrix
22. C&M Branded Landing Page & Navigation Elements
3. Page 2
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
General Document Management Principles: Overview
Specific Principles
The rest of this guidelines document focuses on specific domains to include storage, security, permissions,
metadata, structure, and user experience. These principles represent best practices and thematic
architecture models that can be reused and replicated throughout the corporation. Departments are
supported to refine and tailor best practices for their subject matter area, based on regulatory and user
requirements.
4. Page 3
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
1 Section Name Storage
A Present Recommendations 1. New files will be created, stored, and managed in SharePoint,
once the department/team has been created a site
B Future Recommendations 1. JDrive migration will be targeted to active files only.
2. JDrive remainder will remain as archive. Locked. Schedule TBD
C Out of Scope 1. Some databases and social media content will remain in network
storage
D Next Steps 1. Libraries for migration need to be identified
2. Audit libraries: Keep, Update, Delete, Migrate, archive
3. Consultant likely to be engaged to help validate and migrate/
configure
E Risks 1. Scope above will cover many projects. Need to prioritize.
2. Training to manage the DMLC of assets needs to be emphasized
2 Section Name Site Structure & Hierarchy
A Present Recommendations 1. Use of SharePoint Communication Sites
2. Use of SharePoint Collaboration Sites
3. Use of Microsoft Teams
4. Hub n Spokes Model
B Future Recommendations 1. Many assets are being created in isolation. Will associate into
Hub n Spoke model as an ecosystem for each team is observed.
2. Navigation elements that support IA will need to be validated
and standardized
C Out of Scope 1. SharePoint Groups not being used
• Inactive Assets
(Archive)
• Active Assets
(Migrate)
JDrive
• Inactive Assets
(Archive)
• Active Assets
(Migrate)
USTenant
• New Assets
Created Here
• Assets Managed
until Archived
SharePoint
SharePoint
Communication
Site
SharePoint Site
(pages)
Document Library
SharePoint
Collaboration Site
(HUB)
SharePoint Site
(Pages)
Microsoft Teams
Libraries
5. Page 4
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
D Next Steps 1. Validate architecture models ongoing: SharePoint, Teams,
Document Libraries, Permission Groups
E Risks 1. SharePoint group is not being recommended
3 Section Name Flat Site Structure
A Present Recommendations
1. Not using a hierarchy, but instead using the Hub n Spokes
model that loosely ‘associates’ assets with a designated Hub.
This avoids the limitations of the formal ‘hard’ links across an
asset ecosystem. This also supports inheritance of permissions
and labels
B Future Recommendations
1. May want to emphasize build of formal landing page for the
intranet
2. Different landing pages for Employees vs. Customers
C Out of Scope
1. The current SP approach does not include full architecture
model deploy for each department or team
D Next Steps
1. Clean up existing teams in inventory (identify owner, if being
used, archive, migrate content, etc.)
E Risks
1. In many instances, current assets are unassociated (no
ecosystem yet). Can be associated at later date as more assets
are created
2. No associations may require additional site configuration in the
future to associate and manage navigation, access, and UX
across newly joined assets (that were configured separately at
an earlier date)
Department HUB
• Site Assets
Department HUB
• Site Assets
Department HUB
• Site Assets
6. Page 5
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
4 Section Name Navigation
A Present Recommendations
1. Navigation already added to Intranet Communication Site –
Level
B Future Recommendations 1. C&M templates currently do not include employee vs.
Customer branding/ LP
C Out of Scope 1. Audience targeting feature is not being used at this time
D Next Steps
1. Need to validate enterprise and vertical navigation models as
more assets are added
2. Will want to validate personas and different navigation
workflows to support consistent UX across and within site(s)
3. C&M templates creates for communication sites with
standardized UX. Need to add to existing assets, and deploy
when future comm sites are created
E Risks
1. Content management owners not assigned. Asset creation and
implementation will not necessarily follow branding or UX best
practices
2. Templates for each level of the intranet are not available.
Consistent navigation or UX is thus not being managed as of
this date (Jan 2022)
5 Section Name Branding
A Present Recommendations 1. C&M owns branding
Navigation
Elements
Headers
Directories
Buttoms
Images
Links
Branding
Colours Logos Typography Images
7. Page 6
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
B Future Recommendations
1. Audit full intranet architecture and assets for alignment with
branding (future state deliverable)
C Out of Scope 1. See section 5
D Next Steps 1. See section 5
E Risks
1. See section 5
6 Section Name Search Architecture
A Present Recommendations
1. Emphasizing out of the box (OTB) model which is expected to
have AI improvements with next upgrade
2. Search results are dependent on the level where the search is
conducted
3. Metadata, IA, and inheritance will improve results
4. Search model and metadata models to be MVP, per minimum
user requirements
B Future Recommendations 1. May look at future state models to make sure current state
models align with metadata and naming conventions, version,
date, etc.
C Out of Scope 1. Customization is not being recommended at this time
D Next Steps
1. Identify Document Types
2. Identify Metadata Standards
3. Identify Sensitivity Labels (edit, share, download, view, etc.)
4. Identify Retention Labels (2, 3, 5, 7 years, etc.)
5. Identify Permission Groups
6. Identify Controlled vs. Uncontrolled Scope & Definitions
E Risks
1. Training resources have not been assigned to the program, as
of this date (Jan 2022)
Information Architecture
Site Structure
Document Types
Metadata Standards
Sensitivity Labels
Retention labels
Permission Groups
8. Page 7
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
7 Section Name Permissions
A Present Recommendations
1. Using Default Permissions, out of the box: Members, Visitors,
Owners
2. Will streamline existing permission groups that are at the
individual level
3. Permissions assigned: Site Level, Library Level, Folder Level
(avoid file level; avoid assigning to individuals – instead use
groups as much as possible)
4. Permission Group Created: Technical Contact (site owner &
admin)
B Future Recommendations
N/A
C Out of Scope 1. Individualized/configured permission groups
D Next Steps
1. Evaluate update SLA for alignment with created permission
groups settings & requirements
E Risks
1. Site/Information architecture design and asset management
need to be aligned with user permissions and object
collaboration requirements
2. Poorly architected IA, which will evolve organically, may
impact permission group architecture models (standards,
MVP)
Visitors
Members
Owners
Technical Contacts
File Level
Folder Level
Library Level
Site Level
9. Page 8
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
8 Section Name Security Best Practices
A Present Recommendations
1. Principle of least privilege is to be followed: Site, Library,
Folder, File, including what they can do with the object
2. Default groups to be used, including Technical Contact
3. Save assets where the appropriate permissions live
4. Validate permission and sensitivity labels to align with least
privilege and easy UX/management
B Future Recommendations
1. Ext-Guest group (admin) has been created so that they can
also add external-guests (vendor, etc.) who the follow MFA
protocol
2. Unique permissions should be evaluated for use of different
site architecture
3. AD roles to be emphasized. No configuration is preferred
4. Option exists to create a separate library on shared site to
configure different permissions (all vs. 2ppl)
C Out of Scope
1. Customized permission groups
D Next Steps
1. Validate permission groups/arch model for replication
2. Validate site & folder architecture models for supporting
unique permission groups
E Risks
1. Resources not currently (Jan 2022) allocation for training on
managing permission groups and least privilege
2. Labels follow a moved file, but do not update with new
environment – inheritance mechanisms (thus not updating
access unless done manually)
9 Section Name External Sharing
A Present Recommendations
1. Anonymous sharing remains an option, but in most instances
is not permitted with existing default site and object settings
2. Enterprise sharing often references ‘everyone in Company
with the link’ to differentiate internal vs. external sharing
Do they need access here?
Do they need access here?
Do they need access here? Department
HUB
Department
Assets
Department
Assets
Department
Assets
Department
Assets
Department
Assets
Site Storage Asset Labels Permissions
Use Case/
Activity
10. Page 9
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
3. Access review audits are currently manual, with a few groups
having coded solutions to support notifications and reminders
to review access for a select group
B Future Recommendations
1. Retention and disposition review labels may have a global
default, requiring all assets to be reviewed after a specific
timeframe (5 years, ex.). This will support DMLC, migration,
updates, archival, and deletion of objects that are no longer
needed
C Out of Scope
1. Automatic labels will only be applied to controlled documents,
and likely only a portion of these (to be prioritized based on
regulations and risk)
D Next Steps
1. Inheritance: Make sure files are not stored in the wrong site or
folder
2. Metadata: Make sure basic naming conventions are followed
(and appropriate templates are used) to support automation
mechanisms
E Risks
1. Files stored in wrong site or folder
2. Files named incorrectly
3. External users need to have the ‘key’ to view encrypted files
4. 40% of security and document control is the technical solution;
60% involves human processes and mechanisms
10 Section Name Naming Guidelines
A Present Recommendations
1. Name requests are approved based on the department and
site owner
2. SP Program and Sys Admin also validate the naming
conventions used during the ticket validation and approval
process
3. Site names include – teams (etc.) to identify type. This helps
when reviewing inventory as well as managing assets
B Future Recommendations
1. Identify names that are owned by each department. Create a
catalogue for point of reference upon site creation requests
Relevant to
Department
Relevant to
Users
Relevant to
Use Case
Specific and
not
Duplicating
11. Page 10
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
C Out of Scope
1. Locking down names will be limited to what is known. There is
currently no plan for enterprise community consultation to build
this list
D Next Steps
1. Indicate naming conventions in SP Program Overview Guide,
that is shared with groups during the ticket onboarding
process
E Risks
1. Not locking down naming conventions, and site names that
can be used, could result in poor navigation, search
experience, and asset adoption
2. Most departments are unlikely to have internal naming
convention guidelines to make sure the ‘department names’
are used appropriately
11 Section Name Provisioning Automation
A Present Recommendations
1. C&M has created branded templates for SP Collaboration
Sites
B Future Recommendations
1. C&M templates should be added when SP Collaborate Sites
are requested (new tickets)
2. C&M templates should be added to existing collaboration
sites
3. C&M is researching if web parts can be branded, so that new
site admins can create sites that are aligned with existing
brand guidelines
C Out of Scope
1. Provisioning Automation not required at this time, but may
be useful in the future if templates are standardized with web
parts that are identified as consistently added by site
administrators
D Next Steps
1. Roll out branded C&M SP Collab Templates
2. Research ability to setup branded web parts
3. Educate site admins on branded web parts (if a feature)
E Risks
1. Corporation Branding currently does not differentiate L1
from L2, L3, or Team Sites
Auto
Provisioning
Images
Colours
Logos
Web Parts
Branding Themes
12. Page 11
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
2. Corporation Branding currently does not differentiate
Customer from Employee assets
12 Section Name Metadata
A Present Recommendations
1. Metadata standards will build upon the following models:
Information Architecture, Site Structure, Flat Structure, Site
Navigation, Site Branding, Site Templates, Naming
Conventions, Inheritance, and Permissions
2. Metadata standards will inform/support Search Architecture,
Sensitivity Labels, Retention Labels, and Automation Rules
3. Metadata standards, including the standards indicated in
present recommendations 1&2 above, will represent
Minimum Viable Requirements that thematically and
structurally support interdependence, scalability, and ease of
use/management
4. Metadata emphasis will begin at the site level, followed by
library, folder, and then document. Inheritance will support
automation and application of metadata and permissions
based on site architecture and associations
5. Use of inheritance will limit the need for manual application
and management of metadata by users
6. Implementation of manual mechanisms for applying and
managing metadata should be minimized as much as possible
7. Metadata Standards:
i. Name identifies group and scope/ purpose for the site
ii. Avoid duplication of sites and names
iii. No special characters
iv. Author
v. Create Date
vi. Folder/ location
vii. Sensitivity: Confidential, Financial, Legal, etc.
B Future Recommendations
1. Automatic labelling is being considered for future
implementation (present recommendations will need to be
validated and implemented prior to automatic labelling is
even possible)
2. The goal is to have a catalogue of architecture models (site
structure, library structure, labels, etc.) that can be replicated
and deployed across the enterprise (simplifying training,
management, configuration, and deployment)
Metadata Standards
Information
Architecture,
Site Structure, Flat Structure, Site Navigation, Site Branding, Site Templates,
Naming
Conventions,
Inheritance,
Permissions
13. Page 12
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
3. Global Term Store (section below) is being considered to help
scale implementation of MVP short list of standardized terms
& taxonomies across the enterprise (with each department
configuring/adding as needed)
4. Security and labels will be supported through the thoughtful
identification of specific naming conventions relevant to
confidentiality, security, and risk
C Out of Scope
1. Re #3 above (section B), the SP Program Team is currently not
considering drafting metadata column standards for the
department level (other than naming conventions, etc.)
2. In principle, the standards for use of columns will primarily
emphasize sensitivity labels and retention labels; although
departments may wish to add further metadata to help
manage their folders and files
D Next Steps
1. Identify information architecture best practices
2. Identify site ecosystem/ architecture models
3. Identify permission group best practices
4. Identify navigation elements best practices
5. Identify site template best practices
6. Identify inheritance best practices
7. Identify document types
8. Identify metadata MVP naming convention standards
9. Identify sensitivity label MVP best practices
10. Identify retention label MVP best practices
11. Implement 1-10 at the enterprise level
12. Support departments to adopt and modify based on localized
best practices
E Risks
1. Creating overly complex metadata standards that create
resistance, low adoption, and result in assets being stored
and managed outside designated libraries (limiting access,
collaboration, asset management, etc.)
2. Metadata that inherits constraints that do not match user
workflows or requirements
13 Section Name Taxonomy & Term Store(s)
A Present Recommendations
Local Term Store
Global Term Store
14. Page 13
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
1. The team recognizes that additional resources and expertise
are needed to build, test, implement, and manage a
global/local term store. This tool is under consideration
B Future Recommendations
1. If the corporation builds a term store, it will consider MVP
requirements and emphasize/prioritize financial, legal, and
other regulatory risks when designating what content
requires this level of rigor
2. Departments will be consulted on what assets meet the MVP
criterion for build & deployment
3. Departments will be consulted on what sites will have the
term store applied and managed (and who manages it)
4. An enterprise term store would borrow from other
educational institutions when possible; otherwise represent
an enterprise top-down consultation and standardization
5. A department term store, if ever proposed, would borrow
from education institutions/relevant industries when
possible; otherwise represent a bottom-up consultation and
standardization
C Out of Scope
1. The term store is currently not in scope, but is being
considered for future phases if resources and training are
available
D Next Steps
1. Identify high risk and heavily regulated assets that require a
term store solution
E Risks
1. If the term store admin leaves, who manages it?
14 Section Name Microsoft Information Projection (MIP)
A Present Recommendations
1. Sensitivity label standards will be identified based on themes
and patterns
B Future Recommendations
1. Future phases may/will support department level tailoring
and creation of department specific sensitivity labels, as
required to meet MVP needs and regulatory requirements
Identity & Access
Management
Threat Protection
Information
Protection
Security
Management
Sensitivity Labels:
• Edit
• Delete
• Download
• Share, etc.
Retention Labels:
• 3
• 5
• 7 years, etc.
15. Page 14
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
C Out of Scope
1. Trainable classifiers are not being considered at this time
(although Microsoft has some templates and trained
classifiers already available, that may be applied)
D Next Steps
1. Suggestions – to review a project’s approach to database
standardization
2. Suggestions – to review project’s approach to workday’s
standardization
3. Identify opportunities to mirror approach and standards used
elsewhere in similar projects/initiatives within the
corporation
E Risks
1. Other models are likely being created in the corporation. Low
integration and enterprise standardization. Not all models
are interchangeable
15 Section Name MIP Applications & Features
A Present Recommendations
1. Sensitivity Labels
2. SharePoint Information Rights Management (IRM)
3. Rights Management Connected (TBD)
4. Microsoft Defender for Cloud Apps
5. Data Loss Prevention (DLP)
6. Microsoft Sensitive Information in Microsoft Teams Chat &
Channel Messages (TBD)
B No Known Scenarios (TBD)
1. Double Key Encryption
2. Office 365 Message Encryption
3. Service Encryption with Customer Key
4. Endpoint Data Loss Prevention
5. Microsoft Compliance Extension
C Out of Scope (not relevant)
1. Azure Information Protection Unified Labelling Client
2. Azure Information Protection Unified Labelling Client
Scanner
3. Microsoft Information Protection SDK
4. Microsoft 365 Data Loss Prevention On-Premises Scanner
D Next Steps
1. Validate present recommendations list
2. Validate No known Scenarios list
3. Validate out of scope list
4. Identify implementation/delivery roadmap for approved
applications & features
5. Microsoft 365 – Exit Strategy (Plan needed)
E Risks
1. Complexity that creates conflicts between settings and
permissions
2. Above, that is not aligned with user workflows and
requirements
3. Training resources not allocated as of this date (Jan 2022)
Present Recommendations No Known Scenarios Out of Scope
16. Page 15
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
16 Section Name Company Record Types, Sensitivity, & Retention Label Themes
A
Record Types
High Level Functional
Categories:
AD: Administration
CM: Communications &
Public Information
EX: Directorship &
Executive
FI: Finance
FP: Facilities &
Purchasing
HR: Human Resources
LE: Legal
SI: Customer Instruction
SS: Customer Services
1. AD-200 | Customer and Corporation Service Plans and
Reports
2. AD-300 | Information Enquiry Files
3. AD-320 | Meeting and Presentation Files
4. AD-340 | Project Management Files
5. AD-500 | Reference and Liaison Files
6. AD-700 | Security Incident Reports
7. AD-710 | Security and Property Access Control Files
8. AD-720 | Security and Safety Monitoring Files
9. AD-730 | Security and Safety Planning Files
10. AD-800 | Form and Template Files
11. CM-100 |Corporation Communication Materials
12. CM-150 | Studio 58 Production Promotional Materials
13. CM-200 | Access to Records/Information Request Files
14. EX-200 | Board Governance Policies, Bylaws and
Resolutions
15. EX-210 | Board of Governors Full and Sub-Committee
Meeting Minutes, Agendas and Reports
16. EX-220 | Board of Governors Member Files
17. FI-100 | Accounts Payable, Accounts Receivable and
Reports
18. FI-110 | Journal Vouchers, Account Reconciliation and
Budget Transfer Approvals
19. FI-120 | Cheques, Cheque Registers and Bank Account
Statements
20. FI-210 | External Audit Reports and Statements
21. FI-220 | Annual Operating and Capital Operating Budget
Plans and Reports
Record Types
Sensitivity
Label Themes
Retention
Label Themes
17. Page 16
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
22. FI-230 | Government and Non-Government Funding Grants
and Allowances
23. FI-240 | Program and Professional Development Funding
Proposals and Approvals
24. FI-250 | Financial Information Act Statistics, Statements and
Reports
25. FI-300 | Library Resources Purchase Orders
26. FI-305 | Overdue Library Accounts - Marks Withheld List
27. FP-100 | Requisitions, Tenders and Quotations and
Purchase Orders
28. FP-105 | Bookstore Stock Requisitions and Purchase Orders
29. FP-110 | Facilities Service and Premises Use Requests
30. FP-200 | Building Design, Renovation and Construction
Projects
31. HR-100 | Staff and Administrator Recruitment and Selection
Files
32. HR-110 | Faculty Recruitment and Selection Files
33. HR-120 | Senior Leadership Recruitment and Selection Files
34. HR-200 | Employment Administration Files
35. HR-203 | Athletic Program Volunteer Administration Files
36. HR-205 | Faculty Non-Instructional Duty Reports
37. HR-250 | Payroll Administration Files
38. HR-300 | Compensation, Benefits and Deductions Files
39. HR-400 | Collective Agreements and Terms of Employment
40. HR-410 | Labour and Workplace Relations Cases
41. HR-420 | Faculty Discipline and Concerns about
Instruction/Course Delivery Cases
42. HR-450 | Human Rights Administration Files
43. HR-500 | Position Development and Evaluation Files
44. HR-510 | Accidents, Incidents and First Aid Treatment
Reports
45. LE-100 | Customer, Service, Product and Agency Contracts
and Agreements
46. LE-110 | Contracts and Agreements with Government and
Non-Government Organizations
47. LE-120 | Leases and Agreements for Real Property
48. LE-130 | Copyright Clearances for Courseware and Non-
Courseware Materials
49. LE-140 | License Agreements for Media and Electronic
Resources
50. LE-200 | Corporation Insurance-related Claims Cases
51. SI-210 | Course Outlines, Exam Schedules and Calendars
52. SI-215 | Curriculum Content Change Proposals, Reviews and
Approvals
18. Page 17
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
53. SI-220 | Course Outlines, Exam Schedules and Calendars
54. SI-300 | Studio 58 Theatre Production Materials
55. SS-100 | Customer Registration, Graduation and Change
Requests
56. SS-101 | Customer Records for Faculty Reference
57. SS-103 | Limited Enrolment Course or Program Evaluation
and Selection
58. SS-105 | Customer Diagnostic Tests, Final Examinations and
Grade Appeals
59. SS-107 | Customer Academic and Non-Academic
Misconduct Cases
60. SS-108 | Corporation-Mandated Customer Leave of
Absence Cases
61. SS-110 | Customer Application, Withdrawal and Change
Requests
62. SS-112 | Customer Activity - Clinic Logs and Non-
Registration, Withdrawal and Graduation Requests
63. SS-115 | Customer Clinics - Client Consents and Customer
Assessment and Treatment Files
64. SS-120 | Customer Intake, Evaluation and Withdrawal Files
65. SS-130 | Customer Work Placements
66. SS-210 | Customer Counselling Enquiries, Session
Administration and Workshop Evaluations
67. SS-220 | Customer Application for Accommodation Cases
68. SS-230 | Player Eligibility and Athlete Registration Files
69. SS-235 | Funding Applications and Fundraising Proposals
70. SS-236 | Customer Designated and Endowed Awards and
Donor Files
71. SS-237 | Outstanding Alumni Award Designations
72. SS-238 | Corporation Foundation Board of Directors
Governance and Meeting Minutes, Agendas and Reports
73. SS-240 | Customer Bursary, Scholarship and Loan
Application and Award Cases
74. SS-330 | Health Services Patient Cases
75. SS-340 | International Education Customer Study Permits
and Customer Lists
76. SS-342 | International Education Consultant Agency
Payment and Contact Lists
77. SS-344 | Customer Exchange, English Language and Field
School Program Files
78. SS-350 | Homestay Customer and Family Applications
79. SS-360 | Child Development Centre Chidrens' Records,
Attendance Logs and Waitlists
80. SS-370 | Indigenous Customer Records
81. SS-400 | Inter-Library and Audio-Visual Media Requests
82. SS-405 | Library Statistical and Request Source Data and
Reports
19. Page 18
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
83. SS-500 | Client Applications and Alternate Format
Instructional Resource Requests
84. SS-505 | Customer Club Applications and Room Booking
Requests
85. SS-510 | Customer U-Pass Program Exemption Requests
and Fee Remittance Reports
86. SS-520 | Customer Volunteer Program Applications and
Activity and Organization Waiver
B
Sensitivity Label Themes
(TBD)*
1. Public
2. General
3. Confidential
4. Highly Confidential
C Retention Label Themes
A. 2 Years
B. 5 Years
C. 7 Years
D. 10 Years
E. Retained Permanently
D Triggers
1. Creation Date
2. Event Based
3. Last Modified
4. Not Applicable
E Disposition Type
1. Auto-Delete
2. Disposition Review
3. Retain Permanently
F Regulations
1. Corporation & Institution Act
2. Income Tax Act
3. Financial Information Act
4. Employment Standards Act
5. Labour Relations Code
6. Limitation Act
7. Freedom of Information & Protection of Privacy Act
8. Standards of Practice for Counsellors
9. Societies Act
F Next Steps
1. Validate Record Types/ List
2. Validate Sensitivity Labels
3. Validate Retention Labels
4. Validate Delete/Disposition Scenarios
5. Validate/Differentiate Paper vs. Digital Taxonomy
H Risks
1. Too Restrictive
2. Not Restrictive Enough
3. Too Granular
4. Too Abstract/High Level
5. Hard to Apply
20. Page 19
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
6. Hard to Manage
Document Library Architecture Model Microsoft Teams Architecture Models
SharePoint Hub n Spokes – Architecture Model
17 Section Name Re-usable Architecture Models
A SharePoint Hub n Spokes Architecture Model
• L1: SharePoint Communications Site (not
associated with Collab Site Assets)
SharePoint
Site
Project Document
Library
Discovery
Development
QA Testing
Project Management
Artifacts
Requirements &
Analysis
Vendor
Documentation
Implementation
Presentations
Status Reports
Closing Activities
Communication &
Training Materials
External Department
Microsoft Team Site
(Private, w/ External
Members)
Teams Channels (all
members + private
channels, as needed)
External SharePoint
Team Site (Private)
External Teams
Document Library
(Private)
Internal Department
Microsoft Team Site
(Private, Internal
Members)
Teams Channels (all
members + private
channels, as needed)
Internal SharePoint
Team Site (Private)
Internal Teams
Document Library
(Private)
Company HUB
SharePoint
Communication
Site(s)
SharePoint
Collaboration Site
(Dept) HUB
SharePoint
Collaboration Site(s)
Microsoft Teams Site
SharePoint Teams
Site (behind MSTeam
Site)
Document Libraries
(created with each
site & level)
21. Page 20
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
• L2: SharePoint Collaboration Site & HUB
(not associated with Comm Site)
• L3: SharePoint Collaboration Site
(associated with L2 HUB)
• L4: Microsoft Teams Site (associated with
SharePoint Collab Site – separate asset – or
auto created with/ behind the MSTeam
Site)
• L5: This references the document libraries
that are auto created with each site/ level
B Microsoft Teams Architecture Model
• L1: The MSTeam site may be associated
with a SharePoint Collaboration Site + HUB
(see above section)
• L2: The MSTeam site may also include
public OR private channels.
• Each channel has its own document library,
separate from the others
• Noting, that MSTeam libraries store their
documents on SharePoint (‘open in
SharePoint’ button available within the
MSTeam document library – header
section)
• The MSTeam, when associated with a SP
HUB, can inherit permissions and
metadata; or it can be configured
separately
C External Guests (shown above)
• When ext-guests are added, the
suggestion is to use a MSTeam site so that
document assets follow the least
permissions requirement
• Ext-Guest Admin Group: MSTeam site
owner is added to this group, so they can
add ext-guests to the site
• Ext-Guest Members: These members
(often vendors, etc.) will need to follow an
MFA process to sign into the site
• Note: External guests can also collaborate
on shared documents by sharing the
individual file, or creating a folder in an
existing site (adding ext-guest, and
configuring appropriate permissions; then
share the folder)
D Document Library Architecture Model
• Document Library Repeatable Structures/
Models may be identified for each
department area
22. Page 21
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
• Using these can help manage assets more
effectively, and well as support search and
location of assets when needed by site
members
• A project folder structure example is
depicted above
E Permissions & Metadata
• The HUB n Spokes model supports
inheritance of metadata and permissions,
with assets within an ecosystem are
associated
• Inheritance can also simplify management
of metadata and permissions, effectively
automating the process
• Apply permissions and metadata at the site
or library level as often as possible
• If further refinement is needed, try to limit
it to the folder level
• Tailoring metadata at the file level requires
ongoing manual management due to
accessibility conflicts that can arise
• - That said, site members can ‘share’ files
with individuals when needed to
collaborate with users outside the site
(another department, etc.)
23. Page 22
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
ADDENDUM
Records Management Labels & Conditions Matrix
MSFP Status (auto) Label Name Comment Notes
Format Active or Inactive
Text Text Text
Required? -
Yes No Notes
This property
specifies the
name of the
retention label
and must be
unique in your
tenant.
Supported
characters for
import: a-z, A-Z,
0-9, hyphen (-)
and the space
character.
Use this property
to add a
description about
the retention
label for admins.
This description
appears only to
admins who
manage the
retention label in
the compliance
center.
Use this property
to add a
description about
the retention
label for users.
This description
appears when
users hover over
the label in apps
like Outlook,
SharePoint, and
OneDrive.
If you leave this
property blank, a
default
description is
displayed, which
explains the
label's retention
settings.
Is Record Label Retention Action
Retention
Duration Retention Type Reviewer Email
True or False
No action, Auto-
Delete, Review
Required
Days, Months,
Years, Forever,
None
CreationAgeInDays
EventAgeInDays
TaggedAgeInDays
ModificationAgeInDa
ys Email
No, Unless
Regulatory is
True
No, Unless
RetentionDuratio
n,
RetentionType,
No, Unless
RetentionAction
or RetentionType
are specified
No, Unless
RetentionAction or
RetentionDuration
are specified No
24. Page 23
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
or ReviewerEmail
are Specified
This property
specifies whether
the label marks
the content as a
record.
Valid values are:
TRUE: The label
marks the item
as a record and
as a result, the
item can't be
deleted.
FALSE: The label
doesn't mark the
content as a
record. This is
the default value.
Group
dependencies:
When this
property is
specified,
RetentionAction,
RetentionDuratio
n, and
RetentionType
must also be
specified.
This property
specifies what
action to take
after the value
specified by the
RetentionDuratio
n property (if
specified)
expires. Valid
values are:
Delete: Items
older than the
value specified
by the
RetentionDuratio
n property are
deleted.
Keep: Retain
items for the
duration
specified by the
RetentionDuratio
n property and
then do nothing
when the
duration period
expires.
KeepAndDelete:
Retain items for
the duration
specified by the
RetentionDuratio
n property and
then delete them
when the
duration period
expires.
Group
dependencies:
When this
property is
specified,
RetentionDuratio
n and
This property
specifies the
number of days
to retain the
content. Valid
values are:
Unlimited: Items
will be retained
indefinitely.
*n: A positive
integer in days;
for example, 365.
The maximum
number
supported is
24,855, which is
68 years.
If you need
longer than this
maximum, use
Unlimited
instead.
Group
dependencies:
When this
property is
specified,
RetentionAction
and
RetentionType
must also be
specified.
This property
specifies whether
the retention
duration (if
specified) is
calculated from the
content creation
date, event date,
when labeled date,
or last modified
date.
Group
dependencies: When
this property is
specified,
RetentionAction and
RetentionDuraction
must also be
specified.
When this
property is
specified, a
disposition
review will be
triggered when
the retention
duration expires.
This property
specifies the
email address of
a reviewer in
your tenant for
the
KeepAndDelete
retention action.
You can include
the email
address of
individual users,
distribution
groups, or
security groups
in your tenant.
Specify multiple
email addresses
by separating
them with
semicolons.
Group
dependencies:
When this
property is
specified,
RetentionAction
(must be
KeepAndDelete),
RetentionDuratio
n, and
RetentionType
25. Page 24
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
RetentionType
must also be
specified.
must also be
specified.
Reference Id Department Name Category Sub Category Authority Type
Text Text Text Text
No No No No No
This property
specifies the
value that's
displayed in the
Reference Id file
plan descriptor,
which you can
use as a unique
value to your
organization.
This property
specifies the value
that's displayed in
the
Function/department
file plan descriptor.
This property
specifies the
value that's
displayed in the
Category file plan
descriptor.
This property
specifies the
value that's
displayed in the
Sub category file
plan descriptor.
This property
specifies the
value that's
displayed in the
Authority type
file plan
descriptor.
Citation Name Citation Url
Citation
Jurisdiction Regulatory Event Type
[Citation Name] [URL]
[Citation
Jurisdiction] True or False [EvenType]
No No No No
No, unless RetentionType
is EventAgeinDays
26. Page 25
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
This property
specifies the
name of the
citation
displayed in the
Provision/citati
on file plan
descriptor.
For example,
"Sarbanes-
Oxley Act of
2002".
This property
specifies the
URL that's
displayed in the
Provision/citati
on file plan
descriptor.
This property
specifies the
jurisdiction or
agency that's
displayed in the
Provision/citation
file plan
descriptor.
For example, "U.S.
Securities and
Exchange
Commission
(SEC)".
This property
specifies
whether the
label marks
the content as
a regulatory
record, which
is more
restrictive
than a record.
To use this
label
configuration,
your tenant
must be
configured to
display the
option to
mark content
as a regulatory
record, or the
import
validation will
fail.
Valid values
are:
TRUE: The
label marks
the item as a
regulatory
record. You
must also set
the
IsRecordLabel
property to
TRUE.
FALSE: The
label doesn't
mark the
content as a
regulatory
record. This is
the default
value.
This property specifies an
event type used for event-
based retention.
Specify an existing event
type that's displayed in
Records management >
Events > Manage event
types. Alternatively, use
the Get-
ComplianceRetentionEven
tType cmdlet to view the
available event types.
Although there are some
built-in event types, such
as Employee activity and
Product lifetime, you can
also create your own
event types.
If you specify your own
event type, it must exist
before the import because
the name is validated as
part of the import
process.
Examples from Company
Tenant: Employee
Activity, Expiration or
Termination of Contracts
& Agreement, Product
Lifetime
27. Page 26
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
Retention Labels & Policies: Capability Matrix
Capability Retention policy Retention label
Retention settings that can retain and then
delete, retain-only, or delete-only Yes Yes
Workloads supported:
- Exchange
- SharePoint
- OneDrive
- Microsoft 365 groups
- Skype for Business
- Teams
- Yammer
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes, except public
folders
Yes
Yes
Yes
No
No
No
Retention applied automatically Yes Yes
Retention applied based on conditions
- sensitive info types, KQL queries and
keywords, trainable classifiers, cloud
attachments No Yes
Retention applied manually No Yes
End-user interaction No Yes
Persists if the content is moved No
Yes, within your
Microsoft 365 tenant
Declare item as a record No Yes
Start the retention period when labeled or
based on an event No Yes
Disposition review No Yes
Proof of disposition for up to 7 years No
Yes, when you use
disposition review or
item is marked a
record
Audit admin activities Yes Yes
Audit retention actions No Yes *
Identify items subject to retention:
- Content Search
- Data classification page, content explorer,
activity explorer
No
No
Yes
Yes
28. Page 27
SHAREPOINT INFORMATION ARCHITECTURE GUIDELINES | Innovate Vancouver
Basic Retention Settings Matrix
Action Purpose
Retain content
Prevent permanent deletion and remain available for
eDiscovery
Delete content Permanently delete content from your organization
With these two retention actions, you can configure retention settings for the following outcomes:
Retain-only: Retain content forever or for a specified period of time.
Delete-only: Permanently delete content after a specified period of time.
Retain and then delete: Retain content for a specified period of time and then permanently delete it.