Microsoft Teams has added a lot of value to organisations looking for effective and fast collaboration. Additionally, Teams has enabled users to share and manage information at a single location seamlessly without moving content around to meet their content needs. But the key to using Teams effectively is how to implement it pragmatically across teams and users without impacting normal business processes.

There are various ways to implement Teams effectively but one of the key required implementation criteria is Governance and security. Now having done Microsoft teams deployment and implementation for last few years, I have been answering some of these queries for multiple organisations of various sizes; from few hundreds to thousands.

Some of the below queries might seem familiar to something that your organisation might be thinking of, and hence in this upcoming blog series we will be looking at answering some of them.

  1. How well can Microsoft Teams be Governed?
  2. What are the fundamentals of implementing Teams Governance?
  3. How do we manage creation and lifecycle of Microsoft Teams?
  4. What do we need to consider about data security and policies ?
  5. How about managing guests and how well can we audit them?
  6. What about roles and how well can we manage it in Teams flat structure?

To start with, in this blog, we will look at Teams governance plan at a high-level and fundamentals before deep diving into some of the core logistics and implementation criteria

Teams Governance Plan

The Teams Governance Plan could be classified under four broad headers. There are other ways we could try to approach it but below is the simplest broad groupings that I find useful.

  • Users and Secure Access
  • Creation Rules and Naming Standards
  • Compliance, Classification and Security
  • Teams and Content Lifecycle management

There is another aspect of Teams governance which is Teams Apps Governance, that I consider as a separate part of governance scope and will list it out in another blog series.

Now let’s take a high-level look at each of these categories. In the upcoming blogs of this series, we will deep dive into each of these concepts and get a plan for implementing each.

In the above diagram, as we can see there is an underlying layer of Teams Architecture which is critical for the successful ongoing management of the Governance Plan. We will talk more about Teams architecture in another series of upcoming blogs.

Users and Secure Access

Users and Secure Access are keys tounderstand the scope and how well a Team can be managed. In other words, it gives us an idea of how we can create an effective governing structure and plan for proper management of access for its users and content.

Teams, at a high level, provides us with three broad groupings of users.

  • Owners
  • Members
  • Guests

Now this might look simple but there are a lot of aspects that might influence how best we can use the concept of owners, members and guests to secure access to content. The guest access is one of the critical aspects of Teams security planning. We will look at how to manage the guest access in Teams in a later blog part of this series. There is also known concept of Channel moderators which is not use to its fullest as of now.

In a separate blog of this series, we will explore this in more detail and look at guest access options and possible scenarios to manage.

Creation Rules and naming standards

Creating the right number of Teams is critical for operational management of Teams and prevent uncontrolled sprawl of Teams. Now there is no direct answer to how many Teams is the right number and various factors influence what would be governing reason for putting control on creation of teams. In later blogs, we will look at what kind of creation rules we should have and how to better name them, so it is easier to locate and find them.

Note: We will look at some of these governing factors such as organisation structure, 
working model of business teams that influence creation of teams in the Team Architecture blog series

Compliance, Classification and Security

Classification and compliance are critical for organisations to manage the requirements for legal and more importantly preventing data loss both intentionally and unintentionally.

Traditionally, users had to create and collaborate on content separately and then move it to a Records management tool for managing compliance and classification. However, this means that either some of the compliance rules have been forgone during creation or have duplication of data.

Hence having an upfront security and compliance architecture helps to manage and contain important information at a single location without losing track of it

In the upcoming blogs, we will look at classification and compliance in detail and how implementing them can significantly reduce the risk of data loss.

Teams and Content Lifecycle management

Teams and Content Lifecycle Plan is an important part in keeping the content in your collaboration space current and managed properly.

For example, if the content in your sites are more than 10 years old, is it of any beneficial to retain the content for this long? Also, in certain cases organisations require the content to either renewed such as contracts or archived so that the content is not lost. In all these cases, we need to provide rules and criteria to provide guidance to what happens to the content past its life period.

The automated management of Teams as a whole or content individually provides administrators a centralized overview and control of content that might be dispersed and managed across various Teams, SharePoint sites and Groups.

In the upcoming blogs, we will look at the various options available and ways to make the Teams and content life-cycle smarter.


In this blog, we looked at the high-level governance areas for a Teams Governance implementation. Remember, don’t make governance at the last part of your Teams deployment, but it should go hand in hand with your implementation. 

As a final reminder, please keep an eye for the upcoming blogs, where we will look at each of the above in detail and get an understanding of how to use them effectively.

  • Users and Secure Access
  • Creation Rules and Naming Standards
  • Compliance, Classification and Security
  • Teams and Content Lifecycle management

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s