SharePoint – Quick! Tell me why you are doing it.

141795_library-fantasy-art-books-artwork-4000x2500-wallpaper_www.wall321.com_39-600x375

I have seen many situations where the actual reason for “doing SharePoint” is something that gets asked long after its implementation (if at all)

Antony Clay wrote a brilliant piece on what the real vision is when companies start talking about using SharePoint. This was originally written as a guest blogger for Cloud2.

Antony has been kind enough to allow me to publish it here also…

The Board and the SharePoint Platypus

Did I say Platypus? Sorry I meant platitude…

Platypus are cool, cuddly and can, from what I hear, add value to any organisation and SharePoint project by giving them a warm fluffy feeling.

Platitudes are not so good, platitudes are a huge challenge for the board and your SharePoint project. Platitudes insight confusion, lack of direction and hinder the delivery of SharePoint business value to your organisation

The definition of a platitude is a word or statement that is:

“…too overused and general to be anything more than undirected statements with ultimately little meaningful contribution towards a solution…”

So what relevance does this have to your SharePoint project and engaging with your board? Well it all stems from vision: Most failing SharePoint projects I have witnessed or been involved with do not have a clear vision; in fact an alarmingly significant proportion of companies I have engaged with don’t have a clear vision!

The challenge for SharePoint projects and their visions are that it is this vision that the board hears about, it is the vision that should tell the story of the value that the SharePoint can or will deliver to the organisation and so if that vision is not strong and clear, the board will get mixed messages, the board “won’t get it”, the board will struggle to engage with the project and, in essence won’t give a damn.

Typical SharePoint project platitudes include some of these, do you recognise them? I thought so!:

    • “Better Collaboration” [better than what, fileshares, our competitors, why?]
    • “Be more social” [why do we need to be more social?]
    • “Take control of our information” [to what end, what if we don’t?]
    • “Improve efficiencies” [Company, department, me? By how much? What does good look like?].

That’s just a sample of platitudes that I see pinned to the mast as visions to SharePoint projects and in every case you can misinterpret, ask the question why and not understand how you measure and achieve that vision.

This is our challenge. In my experience a good vision serves three very valuable roles:

  • Defines the difference that the project will make in business terms
  • Enables us to align business requirements to the project Vision
  • Articulates to the board the value the project will deliver.

These three areas are all equally important and actually can all add substance and meaning to the conversations we need to have at board level.

Get a vision

Your first step to engaging the board effectively is to get yourself a vision. My absolute favourite activity for doing this is using ‘Cover Story taken from the book ‘Gamestorming’ (Gray, D., Brown, S., Macanufo, J., 2010). It is a great collaborative exercise if facilitated well, for defining your SharePoint vision, at a platform, project or even functional level.

Whatever the remit of an engagement, I always use this activity to ensure we all have a clear vision or goal to strive for during the engagement. As the activity is extremely collaborative, one advantage is that early on in the engagement I can gain an initial assessment of the dynamics of the stakeholders and whether they have a shared understanding of the goal. The activity also often unearths interesting insights into culture, personalities and the general dynamics of the group that I will need to work with and the organisation as a whole. In short, it can be a gold-mine of emergent value for you.

The exercise asks the participants to imagine that the project/initiative that they are working on has been successfully completed, actually it has not just been successful, but earth shatteringly awesomely successful! So much so that an international trade publication or Time magazine, have decided to run a full front-cover story on the project and the difference it made to the organisation and its customers!

On a whiteboard or very large piece of paper, in groups of 4-8, depending on the number of stakeholders, the participants build out the template I’ve sketched below using sketches, words, craft materials or post-it notes:

sharepointThe areas on the visual canvas are used to help derive certain ‘vision’ details and are defined as follows:

  • Cover – This is the front-cover and should contain the bold, hard-hitting story and perhaps images, that articulate the big story and the high-level difference that you have made delivering the project
  • Big Headlines – Here you convey the substance of the story, more detail, but still hard-hitting and usually aspirational key requirements or functional areas
  • Brainstorm – This area is used for ‘storing’ any ideas that don’t fit anywhere else, but quite often contains very interesting insights
  • Images – I tend not to use this for SharePoint Governance work, but the areas is meant for any visuals that help define your vision and the difference this has made
  • Quotes – This is really useful, what would people say about this great success? What do project members, business users, stakeholder or even customers say about what’s been delivered and the difference it has made?
  • Side-Bar – This area is for capturing the details; I encourage participants to use this area to come up with measures for the difference they have made articulated in %’s, $’s, £’s, time etc.

The resulting visual canvas is both beautiful, insightful and delivers a clear message, in the words of business stakeholders, of what they are trying to achieve. What you will also find is that as the group or spokesperson report back their ‘cover story’, they will be telling you a story. Actively listen and make copious notes, because as all great facilitators know, there is substantial value in what they say as well as what they have created.

When you are engaging the board, this vision is invaluable as it should really articulate the benefit, values and drivers for the project and you can and will continually refer back to it, as you steer your SharePoint project or platform towards its goal.

In my experience it’s what can make the difference between technology mayhem and SharePoint sanity!

Goal align to your vision

Once you have a clearly articulated vision defined in terms of ‘the difference it will make’, you can utilise another equally effective and disruptive activity in a range of scenarios to ensure the vision is effectively influencing your projects direction. It’s all about ‘Goal Alignment’ and it is a simple means of sense-checking what’s going on in a project:

“Ensuring that we are not delivering the wrong things really effectively!”

In my eyes, in order to truly reach the karmic state of delivering maximum business value, everything that happens in your technology platform and any subsequent projects must be aligned to directly or indirectly making a positive difference to your organisation. If it isn’t then don’t do it, or re-define it. Agile and lean approaches to manufacturing, technology and business, all strive to reduce waste, and however you’re implementing your SharePoint solutions, I think you should too. It may seem harsh or even verging on heretical to go around your projects telling people to stop what they are doing and move onto something else, but consider these common SharePoint ‘feature requests’:

  • Move the ‘Search’ box to the left-hand side of the screen
  • Animate the menu structure
  • Make SharePoint more ‘Social’
  • Have an information architecture based on our ever-changing organisational structure
  • Make the text flash if it’s important.

Seriously, do any of these actually add any value to your solution or to the business? The likely answer in all the cases above is no they don’t, so let’s stamp out this waste and focus on delivering the right things really well.

Now I am not saying that we shouldn’t have solutions that look good and exude a great user experience, we should; but let’s focus our precious resources on the things that really matter first.

This approach, albeit perhaps very annoying to the recipients, is relevant whatever phase or activity you are doing whether it’s coding a custom web-part, branding, creating a custom list, facilitating requirements, delivering training, managing on-going change or engaging with the board.

How do we achieve this project nirvana of just doing the things that matter and make a positive difference?

The answer is ‘Goal Alignment’.

Why? Fundamentally, this is a very effective approach to ensuring a shared understanding and allows you to question the value of what you are doing. If you already have a vision, then this is a simple validation technique:

sharepoint visionFor every programme, project, requirement or technical feature we can ask ‘why’ it supports the Vision, if it does, great; but if it doesn’t then we either need to redefine it or remove it from scope, as it must be waste, for this project at least.

This is also extremely powerful and useful when you’re talking to the board and gaining their trust and backing for your project. With a clear vision, any new requirements, ideas or projects the board may dream up you can sense-check it with them as to how it adds value to or supports the vision, if it doesn’t then it is clear and send a strong message as to why that ‘thing’ shouldn’t be pursued.

It’s much easier to say no to the board with your vision, a visual (goal alignment) and some post-it notes than just saying ‘No!’

Socialise your vision

sharepoint vision

Once you have the vision defined it’s time to socialise it, bring it forth in everything you are doing and make sure your aligned to it.

The visuals from the activity are very useful to replay in project documentation and display in project war-rooms, you’ll find that key pieces, statements etc. will resonate strongly with your business, use them, they are the voice of your business stakeholder and they are the backbone of your project.

It’s really important to not let these messages, this vision and your projects story to stagnate and the more it’s used the more it will take on its own life and increase in value.

The board need to be interested in your project, but for the most part they don’t really care about the technology and they’re not that fussed about what requirements you’ll be delivering.

What does matter is the value you’re project will deliver and the difference it will make to their business. The stories your vision can articulate and the messages it will reinforce are powerful ways of engaging and maintaining a strong relationship with the board and ensuring they are keen advocates for the delivery of business value through your SharePoint platform long term.

So for every project your deliver:

Hug a Platypus.

Engage your Board.

Stay away from Platitudes.

Build your own Vision.

Stay Aligned.

=============================================

The original post, at Cloud2, can be read by clicking here.

Age of the App

Brian's Blog

Rogers and Moore’s customer adoption curves illustrate the results of several factors in apparent opposition; Value and Risk.  This two primary factors have been used to explain customer purchasing behavior as well as clustering customers into groups based upon purchasing time within a product’s lifecycle.  These simple models, which have proven useful to traditional marketing and sales organizations, but may need to be adapted to today’s new market dynamics.

Markets are becoming saturated with feature-rich products that promise value at the end of long implementation and adoption curves.  This had placed the majority of revenue in vendors pockets while placing the majority of risk in customers hands.  However, with the introduction of cloud and other same units of functionality such as smart phone apps, customers are rethinking purchases and demanding value capture for purchase much earlier, almost immediately upon purchase.  This shifting dynamic is requiring companies to rethink new revenue models based upon consumption…

View original post 178 more words

Productivity, Gamification and SharePoint 2013 – slidedeck from Christian Buckley

Christian’s slidedeck on productivity and gamification is certainly worth highlighting…

 

Analysis of EMC Predictions

I have just discovered the Technology Services Group (TSG) blog. It has some really great posts in it. The Technology Services Group work with ECM technologies, and their posts describe how they apply these.

On December 10 they published a post titled “Predictions for EMC Documentum in 2013“. While their other posts have had some great material in them, the above mentioned post didn’t impress me.

TSG made predictions such as “Webtop Installations will start to Fade“, “Lots of Interface Evaluations“, and “Slowly Upgrading to D7“. These predictions are not very hard to make. Whenever any software company brings out new versions of their software (often which makes the earlier version obsolete), companies start considering, and evaluating the new software, Sorry – that’s a no-brainer.

Further to that, there were predictions that, in 2013, “Performance will be a hot topic” (when isn’t performance a ‘hot topic’? I’ve never heard anyone say “performance is slow, but that’s ok”), “Mobile Demands continue to grow“, and “Cloud Discussions, but Slow Adoption“. For these last two, there is nothing really surprising about them (“wow – did you know that people will be wanting to use an EMC app on their mobile device?!”).

The second to last prediction “SharePoint Discussions are Dead” reinforces what others are also saying (Even Gartner has ranked MS SharePoint lower this year in their Magic Quadrants, and you can read more on this in Herman Prasad’s post)

This leads me to the last prediction: “Maintenance Costs Increasing“….<speechless>

TSG – I’m not trying to be mean. You have written some great stuff, but these predictions are hardly that.

 

SharePoint and 5 Reasons

iDatix have recently posted an article on their web site titled “5 Reasons you are getting Shortchanged by SharePoint“. In it they raise some interesting points regarding some of the shortcomings of SharePoint.

Click here to see what they say…

Promise #11 – FirstDoc and D2

Refer14 Unfulfilled Promises

Background

In my post “FirstDoc & D2” I told you all (breathlessly) that there was going to be a webinar where CSC were going to discuss their plans regarding EMC’s D2 interface.

Verdict

Unable to Fulfil Due to a family commitment I was unable to attend this webinar. I had contacted with some people at CSC beforehand to to see if it would be recorded. The answer I got was “Yes”, but since then I have been advised that, because of the commercially sensitive nature of the webinar, it wasn’t. I certainly understand that that decision has been made. As such, though, I am not able to actually deliver on this promise.

FirstDoc & D2 – getting funky together

In an earlier post I discussed how EMC’s are now licencing D2 technology from C6, and that this meant that CSC are having to change their user interface strategy.

Well…on Tuesday, 6th of March, there is a webinar that will reveal what has been going on “behind the scenes”.

Some of my favourite CSC people will be discussing CSC’s “new, improved” customer interface strategy as “FirstDoc embraces D2” (their words, not mine).

I’ve been following this with interest for awhile, and I’ve registered for the webinar.

I’ll let you know all about it after the 6th.

Related articles

CSC has had to change their plans…

In my earlier post about the FirstDoc User Group conference that was held in Vienna earlier this year, I wrote about CSC’s User Interface strategy.

To recap – CSC produce technology that provides a compliance layer for content management systems. Although available for SharePoint systems (under the name “FirstPoint), the predominant application is “FirstDoc” which is built to work with, and integrate into, EMC’s Documentum.

The native FirstDoc client application is interwoven into Documentum’s client application and, as a result, CSC need to ensure that they shadow any architecture decisions EMC makes.

Over the last few years EMC have been making it clear that their way forward (with regards to their client applications) was to be with a technology called xCP. This would allow developers to create applications through configuring and then assembling components. The core idea is that “complex solutions are composed from interaction of Documentum objects with business processes”. Initially it was made clear that this technology was for case-based applications, but, the later versions were being promoted as the “interface solution”. (You can download EMC’s whitepaper on xCP here).

At the same time, EMC have announced that they had made plans to retire their current client application “WebTop”, and the idea was to replace it with xCP technology. CSC had been invited to be involved with version 2.1 of xCP to ensure that FirstDoc functionality could be tightly integrated with it.

At this year’s Momentum, however, EMC announced that they had licenced D2 technology from a French company called C6. (You can read the announcement here.) C6 have been EMC partners for a long time, and I recall seeing them at many previous Momentum conferences, where they have certainly caught people’s attention.

C6’s products work on the basis of “configuration“, and will be technology for “content-centric” applications.

C6 have also released x3, which is a “widget-based, agnostic browser, client interface that enables to extend the use of D2 Client to various browsers such as: Firefox, Safari, Chrome, Opera.”.

 Obviously this will offer incredible advantages. Especially in this mobile-age, and especially for industries (such as Pharma), that, because of strict compliance requirements (and the overarching mindset that that brings with it), have not been as “agile” as they could.

CSC have announced that they are working together with EMC to ensure that the tight integration between CSC’s FirstDoc client interface, and D2, will be maintained.

I am watching this space with interest…

Realizing True Records Management with Microsoft SharePoint 2010 – the Webinar

I’ve just signed up for a webinar that KnowledgeLake are holding entitled “Realizing True Records Management with Microsoft SharePoint 2010“. 

KnowledgeLake were gold sponsors at the SharePoint Best Practices conference that I went to in London earlier this year, and, I have to say, it was a top-notch event. I had visited KnowledgeLake’s booth and I’m curious about how good their product actually is.

So, it was with interest that I read the “Reasons I should attend“. These included the following:

  • LEARN how records management on SharePoint 2010 can lower cost and risk through transparent application of compliance policies and consistent disposition of content
  • DISCOVER why SharePoint will succeed in records management where other ECM platforms have failed
  • WATCH the demonstration of a document lifecycle in SharePoint: the capturing of paper and electronic files including email, application of metadata and classification criteria, search, retrieval, viewing and application of record declaration
  • RECOGNISE how to outline an enterprise approach for the implementation of SharePoint 2010 records management
  • HEAR the customer case study by MOEITS and how they are using SharePoint. The solution saved the union nearly $1 million and realised a return from their investment in four months.
  • CONTRIBUTE to the Question and Answer session

Now, the first reason seems to be pretty standard when describing the virtues of any content management system. As is a demonstration, as well as hearing a customer case study..(Just change the name of the ECM system.)

What really grabbed me by the short and curlies was the second reason “Discover why SharePoint will succeed in records management where other ECM platforms have failed“. Now, this is interesting…I want to hear about this secret sauce that McSharePoint has.

Reason 4 is also one that got my attention. Here the phrase “enterprise approach” really stood out. I’ve been involved with SharePoint since 2007, and, coming from an ECM background, it was very evident to me that SharePoint 2010 is now being hawked as a bigger beast. And this is not only in the “functionality” of SharePoint 2010, but also in other ways. There are more “enterprise-level” whitepapers out now, and the official Microsoft SharePoint training is focusing more on the “business-side” rather than just pure technology.

I’ve registered for the webinar. I’ll be taking notes, and will try and report back on my findings.

Reference Links

In SharePoint, where the heck do I fit in? ECM specialists in SharePoint

I’ve been very aware of something for awhile now…and that is “I don’t know where I fit in”. However, it wasn’t until recently when I read Nick Inglis’ blog post that I really came to realise that my “problem” is actually not an uncommon one.

In his post Nick comments that when he’s speaking at a SharePoint event, he often gets categorized under “Other“.

This is because (as he states) the SharePoint world doesn’t quite have a place for those who do work with SharePoint but in an ECM/ERM/Governance capacity.

The Salem Consulting Group have made a list of “plausible” SharePoint roles. I have listed them below, and have added a quick description in between parentheses. These include:

  • SharePoint Strategist (Complete business, and application knowledge. Has vision)
  • SharePoint Practice Lead (Subject Matter Expert with technical, consulting & strategic skills)
  • SharePoint Solutions Architect (Can translate Business requests into technical SharePoint solution)
  • SharePoint Technical Architect (senior) (Deepest technical understanding of SharePoint)
  • SharePoint Architect (Focused on the design, build, and configuration of the SharePoint platform and solution from a purely technical viewpoint)
  • SharePoint Infrastructure Architect (Responsible for designing and building multi-farm enterprise SharePoint architectures.)
  • SharePoint Search Architect (Familiar with taxonomies, folksonomies, etc. Can design & configure federated search solutions.)
  • SharePoint Information Architect (Has the knowledge/experience to design and build logical information frameworks)
  • SharePoint Farm Administrator (Manages the day to day administration of SharePoint.)
  • SharePoint Administrator (Looks after site collections, etc)
  • SharePoint Developer (A range of developer skills including .NET, C#, C++, Jquery and a wide range of other languages.)
  • Infopath and Workflow Designer/Administrator (Customer facing, and familiar with Infopath & Designer)
  • SharePoint User Interface Designer (Graphic designer for SharePoint who can create the user interface designs.)
  • SharePoint Business Analyst (Can interpret business requirements and offer a solution using the standard SharePoint services and features.)
  • SharePoint Programme/Project Manager (Project Management skills as well as fundamental technical understanding of SharePoint.)
  • SharePoint DBA (SQL) (Know how to manage the SharePoint SQL databases.)
  • Active Directory Administrator (Can set up the overarching security architecture).
  • SharePoint Workflow Specialist (For when using 3rd party tools for workflow.)
  • SharePoint BI Analyst/Architect/Administrator (Someone with specialist SharePoint BI skills include cube analysis etc etc)
  • SharePoint Integrator (Able to integrate SharePoint with other systems -SAP, Documentum, etc.)
  • SharePoint Mobile Specialist (Deep knowledge of Groove (2007) and SharePoint workspaces (2010) including the management and relay servers.)
  • SharePoint Trainer/Instructor
  • SharePoint User Adoption Specialist (Involved with the strategies of how to get the users to use the SharePoint solutions).

(Note – The original post (authored by Ian McNeice) from Salem offers a more detailed description of these roles. The link is at the end of this post.

In Nick’s post, he describes an “Information Professional“.

These are the people that have been busy developing models of governance … and have been driving forward the conversation about how SharePoint can be used as a “proper” ECM (and yes, maybe even ERM) system.

Looking at Ian’s list, I think the closest role that matches this is the “Information Architect”. This is the person who insists on maintaining a correct classifications, taxonomies, etc while has expertise in document management, version control techniques, data retention polices, publication and archiving practices.

Being prompted by Nick’s post, and then looking through Ian’s post has certainly help me better “label” myself.

Prior to this, even though I have worked in the Document Management field for over 10 years, I could never find a way of describing my skill set to a “SharePointy” (is that what you call a SharePoint fan?). I can set up, and administer SharePoint sites. I can design user interfaces. I can set up farms, as well as write kick-ass documentation. But I could do more than that.

Thanks to Nick and Ian, I’m going to go and update my LinkedIn profile.

Excellent References

Momentum – another year – another set of announcements

As mentioned – I didn’t get a chance to go to Momentum in Berlin this year.

However I was able to get a pretty good idea of what was covered thanks to the great streaming video that EMC had, as well as the great tweets that be “tweeted”, and the excellent blog posts that were written.

I’ve been to a few Momentum’s now, and while they are a great opportunity to really “talk” with the EMC people, and their partners, I always had the feeling that the things I heard, I had, more or less, heard at the previous Momentum, or that what was big one year, suddenly falls to the wayside.

Now I realise that changes to strategy get made all the time, and that new technology takes more than one year to design, develop and integrate, and it’s great to see that EMC is: a) responsive to changes in the market environment, b) keeping its customers well informed of the progress that they are making, but to mention a few examples…

  1. Centerstage – in 2009 this was being hawked as the new Documentum interface. Now where is it?
  2. XPlore – really glad to see that EMC have been busy with their own search engine. And I have been following this with interest. However has there been anything new over the last couple of Momentums?
  3. SharePoint – also really interested in this but, again, are we hearing anything new with regards to the EMC offering for integration with SharePoint?

It wasn’t until I spoke with a colleague, who made a similar comment, that I started to really think about this. Then I saw this tweet from Jed Spink that I realised that others also had the same thought.

I appreciate that my view might not be a perfect one, and that there might be situations where I am wrong.

I want to hear what you think? Am I right? Or am I totally wrong?…

EMC Momentum 2011, Berlin – Smartphone APP

I’ve just discovered the EMC Momentum app. Even though I’m not at the conference – this looks like a great tool to have!

It lists:

  • Alerts
  • Exhibitors
  • Maps
  • Events
  • Speakers
  • Photo Gallery
  • Videos
  • Twitter
  • News
  • Facebook, and
  • LinkedIn

Check out the maps of MMTM11

Watch videos from MMTM11

Man! What a great tool!

Read more about it here
(https://community.emc.com/thread/120187)

FirstDoc, FirstPoint, NextDocs – a “rough notes” comparison

21 CFR 11 Compliance evaluationA reader has recently asked if I had any information on the differences between FirstDoc, FirstPoint and NextDocs.

To do a full feature-for-feature comparison of all the solutions is not something that I can easily do.  However I have been able to get my hands on some great documentation, and can put together a “rough notes” comparison of the three solutions with regards to the core system, and how each solution complies with 21 CFR Part 11.

Note – this is version 2 of this post. After publishing the initial version, one of the vendors was able to provide me with a later version of their compliance statements. The table below has been updated as well as the Comparison PDF that can be downloaded. This is marked as Version 2. The link in the references still links back to the original compliance statement.

Important Note 1:

The FDA regulation, 21 CFR Part 11, is often update and modified. The documentation that I was able to find from CSC, and NextDocs appears to have been created at different times. As a result – I found some “discrepancies” between them. Sometimes the wording in the material I had, didn’t match the current version of the regulations. However, the “intent” is still the same.

Important Note 2:

I do not claim to be an expert in 21 CFR 11. Nor do I claim to be an expert in each of the different platforms/applications described in this post. I will list my references at the bottom this, but I make 2 recommendations:

  1. 21 CFR Part 11 can be interpreted in slightly different ways. Discuss with your internal QAV people what the expectations are.
  2. Make contact with the vendors in question to really determine whether their application fits your requirements.


21 CFR Part 11

To get read what is specifically contained in 21 CFR Part 11, click on this link. This will open the FDA’s “CFR – Code of Federal Regulations Title 21” site.

Product Comparison

Below I have listed each vendors response to each of the regulations outlined in 21 CFR 11.

This was compiled using information that can be found on the Internet. (I include reference links at the bottom of this post, as well as in the PDF.)

However, as mentioned – this is intended merely as a guideline. I encourage you to contact each of the vendors directly to get an updated statements of compliance, as well as information on server configuration/sizing & prerequisite software.

(Note to vendors – if you feel that there are errors, please let me know in the comments, and I will make the necessary corrections).

You can also click HERE to download a PDF version.

FirstDoc, SPX, FirstPoint & NextDocs

Subpart B – Electronic Records
§ 11.10 CONTROLS FOR CLOSED SYSTEMS

21 CRFR 11 Requirement FirstDoc FirstPoint NextDocs
(a) Validation of systems to ensure accuracy, reliability, consistent intended performance, and the ability to discern invalid or altered records. FirstDocis developedin accordance with the CSC LSQMSadvantage™, an ISO 9001:2000 certified Quality Management System.QMSadvantage and FirstDochave been audited by many pharmaceutical clients. As part of a formal vendor audit, CSC canprovide evidence that FirstDoc is developed and testedin accordance with QMSadvantage.FirstDoc has been validated by many clients. CSC offers a validation package (consisting of validation plan, traceability matrix, and IQ/OQ/PQ protocol templates and OQ protocols) with each release of the FDRD, FDQ&M, and FDTMF products. FirstPoint is developed in accordance with the CSC LS QMSadvantage™, an ISO 9001:2000 certified Quality Management System. QMSadvantage™ has been audited by many pharmaceutical clients. As part of a formal vendor audit, CSC can provide evidence that FirstPoint is developed and tested in accordance with QMSadvantage™.FirstPoint is “validation ready” for its clients upon completion of installation and configuration. Full IQ, OQ validation scripts, a PQ template and supporting services available from CSC for interested clients. Validation is ultimatelythe responsibility of the client as validation can only be performed in the environment in which the softwarewill be used, and against specifications defined by system users.NextDocs offers a validation toolkit to streamline the validation process.The toolkit includes a sample validation master plan and traceability matrix, ready-to-run scripts for IQ and OQ, summary report templates, and sample PQ scripts.NextDocs also has standard professional services packages that include assistance with validation planning, PQ script preparation, and managing PQ script execution and documentation activities.
(b) The ability to generate accurate and complete copies of records in both human readable and electronic form suitable for inspection, review, and copying by the agency. Persons should contact the agency if there are any questions regarding the ability of the agency to perform such review and copying of the electronic records. Documentum will satisfy this requirement in conjunction with a company’s records management policy. Features of Documentum that support generation of accurate and complete copies in human readable form include the generation of PDF renditions and the ability to view and print these renditions in accordance with a system’s defined security rules.Additional support for this requirement is provided by FirstDoc’s automatic PDF rendition generation feature. Each time the content of a document is modified and the modifications checked in, FirstDoc generates a PDF rendition from an approved rendition generation station if the format supports transformation to PDF. Automatic transformation to PDF ensures that all documents will be readable in the foreseeable future. FirstPoint satisfies thisrequirement by managingaccurate and complete copies of files in human readable form with the tight integration with the Microsoft Office Suite of products andthe generation of PDF renditions and the system generated and maintained metadata. The system also provides human readable audit trails and reports. The ability to view and print these files and associated metadatais managedin accordance with a system’s defined security rules.All relevant recordsare maintained in their native file format within a robust MS SQL database and MS SharePoint environment. FirstPoint generates a PDF rendition from an approved rendition generation station, if the format supports transformation to PDF. Automatic transformation to PDF ensures that all documents will be readable into the foreseeable future. Actual generation of records is a client responsibility. NextDocs facilitates generating copies of records by:

  • Viewing records in native electronic format with any computer running one of several supported browsers.
  • Allowing records to be exported by dragging and dropping to any desired file system location
  • Providing sophisticated controlled, uncontrolled and clean copy printing capabilities

 

(c) Protection of records to enable their accurate and ready retrieval throughout the records retention period.
  • Documents may be retained in the system throughout their retention period, or an archiving process developed to store them outside the system. Documentum’s built-in archiving capability can be used to migrate content offline while maintaining metadata in the docbase.
  • FirstDoc uses Documentum’s robust security, which limits the capability for modifying and deleting records to designated users. FirstDoc automatically applies security to Approved documents that prevents them from being deleted or modified.
  • The FirstDoc product also includes an optional Records Management module which implements retention policies and allows deletion of records which have reached the end of their retention periods in accordance with a standard process.
Documentsmay be retained in the system throughout their retention periodthrough the use of a built-inlifecycle management system.FirstPoint applies robust security across the entirelifecycle, which prevents and limits approved or historical records from being deleted or modified except by specifically designated users. A document restore feature is available to the system administrator that allows for the retrieval of deleted records.All FirstPoint content is retained for retrieval until some business rule criteria has been meet to trigger the destruction. Records retention fun includes the ability to purge specific cycles of minor or major versions at the Library Level and purge working comments and draft comments after a specified retention period.  NextDocs systems automatically “lock down” official versions of documents so that they cannot be deleted or modified without following system configurable change control procedures.
(d) Limiting system access to authorized individuals.
  • The underlying Documentum application implements a secure username and encrypted password (generally the network password) to limit access to authorized individuals.
  • FirstDoc augments Documentum security by providing automatic application of a client’s defined security scheme. Users cannot modify security outside of the rules defined by the client.
  • FirstPoint provides a secure username and encrypted password for all users in addition to the network access/password system.
  • FirstPoint augments the SharePoint basic Library level security by allowing permission sets to be applied based on any metadata in the system. This allows for content to have a more granular security model based on role, site, project, product etc, and allows for confidential documents to have a restricted access permission set.
  • FirstPoint also provides application level rights to system and business administration function such as setting up workflow and other business rules templates.
In general, an SOP is needed to define the roles and responsibilities for the administration and maintenance of the groups and users for the system and/or network permissions. Access to NextDocscan be controlled by configuration. Securitycan be configured to use Active Directory or Active Directory Lightweight Directory Services accounts or accounts created within SharePoint. Internal users with on-premises deploymentscan access NextDocs applications through single sign-on without requiringadditional system login unless performing a signature related action in the system.Alternatively, if a client’s Part 11 interpretation requires explicit sign-onto access the system, single sign-oncan be disabled. Internal users with hosted deployments access NextDocs applications by providing a user name and password.External users access NextDocs applications by providing a user name and password. Depending on a client’s security set-up, Virtual Private Network (VPN) access may be required as well.
(e) Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying.
  • FirstDoc uses the Documentum audit trail capability augmented by audit trail entries produced for custom FirstDoc events. Example events include checkin, save, destroy, status change and user acknowledgements, such as review and approval outcome — including electronic signature. Since the audit trail must be maintained for the life of the record, Documentum’s Purge Audit Trail capability should not be used unless the audit trail has been migrated offline as controlled by a client’s SOP. Note: This assumes that the approved record is the electronic record. Audit trail entries for draft, minor versions of records can be deleted using the FirstDoc purge minor version functionality if the clients’ policies dictate.
  • FirstDoc provides thecapability for authorized users to change document metadata on approved records. In this case, an audit trail entry captures the previously recorded values so they are not obscured.
    • SharePoint records all events that occur on documents, the time and date of the and the username of individual (or system account) performing the action.
    • FirstPoint also provides a preconfigured, system generated audit trail report for each document that records the date/time of all critical events that occur during the entire of the document or record from creation, review and approval.
      The username of the individual (or system account) who invoked each action during the history of the document is also shown in the audit trail report.
      Information pertaining to previous document will continue to be displayed in the audit trail report, even as new versions of the document are created.
    • The audit trail report is presented as a single viewable and printable file.
    • The audit trail report is systematically generated, and cannot be overwritten or otherwise modified by any user.
NextDocs records:

  • Record modification events including check-in and check-out.
  • Move, copy, delete and undelete events.
  • Electronic/Digital Signature events.
  • Lifecycle promotions and demotions
  • Workflow events
  • Permission changes
  • Record viewing (configurable).

Audit trail entries include event, user name and server-based time/date stamp. Local time/date stamps can also be configured if desired.

Audit trail records are retained indefinitely unless manually purged from the system.

NextDocs also provides access to and copying of the audit trail. The audit trail can be saved to Excel with a single click for advanced sorting, filtering and analysis.

(f) Use of operational system checks to enforce permitted sequencing of steps and events, as appropriate. These checksare implemented within a number of system functions. They include client-defined control over:

  1. Enforcing the use of approved templates only in creating documents
  2. Limiting property values to predefined dictionary lists wherever possible
  3. Requiring entry of mandatory attributes
  4. Enforcing storage in a pre-defined hierarchy (cabinet/folder structure)
  5. Enforcing a defined document lifecycle and approval process
  6. Ensuring that all required electronic signatures are obtained (if electronic signatures are used)
These checks areimplemented within a number of system functions. They include client control over:

  • The use of approved templates in creating documents/records.
  • Predefined metadata dictionary lists which structure dependent valid choices.
  • Enforcement of mandatory metadata fields where required.
  • Enforcing a defined document lifecycle requiring a specific, defined review and approval process via document workflow
  • Enforcing the review and approval of the PDF rendition of the document, since that is generally considered to be the approved electronic record
  • Ensuring that all required electronic signatures or electronic approvals are obtained using systematic participant selection and voting rules.

 

These checksare implemented ina number of areas. Some examples include:

  • Ensuring that documents follow a defined lifecycle
  • Ensuring that workflows are used when needed to move a document through its lifecycle
  • Ensuring that documents are properly set up to display digital signatures before they can be signed
  • Ensuring that all required signatures are collected before a document is approved
  • Ensuring that documents meet requirements such as having a valid PDF rendition before becoming approved or effective
  • Ensuring that all required metadata is entered for a document
  • Enforcing the use of approved templates for authoring
  • Limiting pick lists to appropriate values when creating or modifying document properties
(g) Use of authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or computer system input or output device, alter a record, or perform the operation at hand. These checksare implemented within a number of system functions. They include client-defined control over authorization for:

  • Document creation
  • Document access (delete, write, read, etc.) (via ACL security)
  • Changing status
  • Initiating and participating in the review and approval process
  • Signing documents (if electronic signatures are used)
  • Establishing document relations including change request relationships
  • Performing various types of business administration functions including dictionary maintenance, training record control, etc.
A series of authority checksare implemented within system functions. They include the following client defined controls:

  • Network access with unique ID and password controlled at the operating system level.
  • The SharePoint permission model controls document security at the Library (a collection of documents) and for draft versus approved documents.
  • FirstPoint enhances this security model which allows additional security layers to be implemented based on document metadata. This is useful for documents required restricted, confidential controls.
  • Documents that are part of a workflow process receive enhanced security in that only those selected participants have access to the in progress document.
  • System configuration, maintenance and other types of business administration functions are accessed only by those individuals with specific access rights.

 

These checksare implemented ina number of areas. Some examples include limiting the following to authorized users:

  • Modifying a document’s content or properties
  • Initiating or participating in workflows
  • Applying digital/electronic signatures
  • Modifying system configurations
  • Generating controlled or uncontrolled copy prints
  • Modifying essential information, such as study investigators
  • Approving requests for system access
(h) Use of device (e.g., terminal) checks to determine, as appropriate, the validity of the source of data input or operational instruction. This requirement in general does not apply to FirstDoc since the system does not have any functionality where information is valid only when entered from specific terminals. If a specific client has this requirement, CSC will address the requirement for that client. This requirement in general does FirstPoint since the system does not have any functionality where information is valid only when entered only from specific terminals. If a specific client has this requirement, CSC will address the requirement for that client. This requirement does not apply to NextDocs since the system does not have any functionality where information is valid only when entered from specific terminals.
(i) Determination that persons who develop, maintain, or use electronic record/electronic signature systems have the education, training, and experience to perform their assigned tasks.
  • CSC maintains resumes and training records on all team members.
  • CSC provides training to key client team members including business users, business administrators, and system administrators.
  • Upon request, CSC can provide developer training to non-CSC developers employed by the client.
  • CSC maintains resumes and training records for all its team members.
  • CSC will also help generate training records to track any training it provides to the client’s personnel.
NextDocs maintains resumes and training records s to provide evidence that our employees who develop and deploy our software are trained and qualified to do so.NextDocs also provides client-specific training documentation to help our clients comply with this requirement. We also offer end user training, train-the-trainer training and administrator training.
(j) The establishment of, and adherence to, written policies that hold individuals accountable and responsible for actions initiated under their electronic signatures, in order to deter record and signature falsification. N/A This requirement is not applicable at a system level but requires a procedure to be implemented by the client. Client responsibility
(k) Use ofappropriate controls over systems documentation including:(1) Adequate controls overthe distribution of, access to, and use of documentation for system operation and maintenance.(2) Revision and change control procedures to maintain an audit trail that documents time-sequenced development and modification of systems documentation. Electronic audit trail for the appropriate document types must be enabled if documentation is maintained in electronic format.
  • CSC will provide the client copies or access to system documentation corresponding to the licensing agreement and version of the product.
  • CSC maintains a strict version and change control methodology for its product, product related documentation and training materials.

 

NextDocs’s documentationis maintained in our configuration management system and available for review during audits.However, ultimately it is the client’s responsibility to control system documentation in their environment.NextDocs’ release notes describe the names and versions of documentation that apply to each product release. In addition, each client receives documentation specific to their NextDocs implementation.
§ 11.30 Controls for Open Systems. Same as § 11.10 plus document encryption and use of appropriate digital signature standards to ensure, as necessary under the circumstances, record authenticity, integrity, and confidentiality.
  • If the system is judged to be an open system, it would require encryption and digital signature standards. This is not part of FirstDoc and can be contracted as an option if needed.
CSC believes the FirstPoint products are a closed system so section 11.30 is not applicable. NextDocs systems that are hosted may be considered open based on the specific circumstances and the client’s 21 CFR Part 11 interpretation. The use of digital signature is available in all NextDocs products to fulfill the additional requirements imposed on open systems.

Subpart B – Electronic Records
§ 11.70 SIGNATURE/RECORD LINKING

21 CFR 11 Regulation FirstDoc FirstPoint NextDocs
Electronic signatures and handwritten signatures executed to electronic records shall be linked to their respective electronic records to ensure that the signatures cannot be excised, copied, or otherwise transferred to falsify an electronic record by ordinary means.
  • Signature information is stored as document properties.
  • Signature information is also displayed as non-editable properties on the Properties screen.
  • • Signaturesare removed when a documentis edited, copied, or otherwise modified.
    • Electronic signatures can only be applied to a document\record through the administrator-configured workflow process and the proper execution of approval rules.
    • The signature page is fused to the PDF rendition of the document and cannot be excised from the document.
    • Signature information is also retained as non-editable data in the database and is displayed in the document’s audit trail report.
    • When a document is revised or copied, the signature page is removed from the new version of the document.
Signatures are bound directly to a specific version of a document.NextDocs digital signaturesare based on Public Key Infrastructure (PKI) and are a result of a cryptographic operation that guarantees signer authenticity, data integrity and non-repudiation of signed documents. The digital signature cannot be copied, tampered or altered.Digital signatures appearing in a document automatically appear as invalid when the document changes in any way.During change control the signature is removed for the draft version in anticipation of future approval and signing.

Subpart C – Electronic Signatures
§ 11.100 General requirements.

21 CFR 11 Regulation FirstDoc FirstPoint NextDocs
(a) Each electronic signature shall be unique to one individual and shall not be reused by, or reassigned to, anyone else.
  • The client will need an SOP on establishing and maintaining user profiles as applied to the assigning of a unique ID code/password combination to only one individual and maintaining a list of user profile information in perpetuity.
  • Documentum can assist with this via the ability to disable (rather than delete) users who are removed from the system. By leaving the users in the system, but disabling them, re-use of their user IDs will not be possible.
  • The network operating system ensures a unique userid which is used to execute the electronic signature.
    FirstPoint allows the administrator to lockout or disable accounts, as well as delete users from the system.
Since NextDocs is generally implemented such that user credentialsare supplied via Active Directory (or Active Directory Lightweight Directory Services), complianceis built in.Active Directory willensure that a user name cannot be re-used within a given domain, andprovide the ability to disable (rather thandelete) users whoare removed from the system. By maintaining a record ofprevious users, reuse of user IDswill not be possible.NextDocs signatures authenticate the content of documents by attributing the signer to the signed document. Every signer is identified by an issued certificate (or by that of an external trusted entity). This identification is based on the fact that the user is a recognized employee in the organization.
(b) Before an organization establishes, assigns, certifies, or otherwise sanctions an individual’s electronic signature, or any element of such electronic signature, the organization shall verify the identity of the individual. The client will need SOPs on establishing and maintaining user profiles as applied to the verification of a user identity. This requirement needs to be met with a client’s business processes. CSC can help establish work instructions or training procedures to assist with the on-boarding process Client Responsibility
(c) Persons using electronic signatures shall,prior to or at the time of such use, certify to the agency that the electronic signatures in their system, used on or after August 20, 1997,are intendedto be the legally bindingequivalent of traditional handwritten signatures.

  1. The certification shall be submitted in paper form and signed with a traditional handwritten signature, to the Office of Regional Operations (HFC-100), 5600 Fishers Lane, Rockville, MD 20857.
  2. . Persons using electronic signatures shall, upon agency request, provide additional certification or testimony that a specific electronic signature is the legally binding equivalent of the signer’s handwritten signature.

 

  • The client will need to submit a letter to the FDA certifying that they consider electronic signatures are the legally binding equivalent to handwritten signatures.
  • The client will need SOPs on establishing and maintaining user profiles showing that a given individual accepts that the electronic signature is the legally binding equivalent of handwritten signatures.
  • This requirement needs to be met with a client’s business processes.
Client Responsibility

Subpart C – Electronic Signatures
11.200 Electronic signature components and controls.

21 CFR 11 Regulation FirstDoc FirstPoint NextDocs
(a) Electronic signatures that are not based upon biometricsshall:(1) Employ at least two distinct identification components such as an identification code and password.(i) When an individual executes a series of signings during a single, continuous period of controlled system access, the first signing shall be executed using all electronic signature components; subsequent signings shall be executed using at least one electronic signature component that is only executable by, and designed to be used only by, the individual.(ii) When an individual executes one or more signings not performed during a single, continuous period of controlled system access, each signing shall be executed using all of the electronic signature components.

(2) Be used only by their genuine owners; and

(3) Be administered and executed to ensure that attempted use of an individual’s electronic signature by anyone other than its genuine owner requires collaboration of two or more individuals.

NoteContact CSC directly for their comments on how FirstDoc meets this regulation.  FirstPoint incorporates the user’s network account and password for general access to the system, which is also used for electronic signature approval. FirstPoint requires the re-entry of both identification components (user ID and password) each time an electronic signature is executed.. Each time a signature is applied, both a user name and password are required.NextDocs supports a configurable automatic time-out during periods of system inactivity. This time-out will also end a user’s continuous and controlled access to the system.
  • (b) Electronic signatures based upon biometrics shall be designed to ensure that they cannot be used by anyone other than their genuine owners.
FirstDoc can support the use of biometric solutions through customizations. Customizations for biometrics are not in the scope of this document. FirstPoint can support the  use of biometric solutions through customizations. Customizations for biometrics are not in the scope of this document. NA – Biometrics are not used by NextDocs.

Subpart C – Electronic Signatures
§ 11.300 CONTROLS FOR IDENTIFICATION CODES/PASSWORDS
Persons who use electronic signatures based upon the use of identification codes in combination with passwords shall employ controls to ensure their security and integrity. Such controls shall include:

21 CFR 11 Regulation

FirstDoc

FirstPoint

NextDocs

(a) Maintaining the uniqueness of each combined identification code and password, such that no two individuals have the same combination of identification code and password.
  • Documentum and Unix/Windows Server will provide most of this functionality. See Item § 11.10 (a).
  • The client will need an SOP on establishing and maintaining user profiles.
  • The client’s network user authentication methodology provides this functionality.
See item § 11.100 (a).
(b) Ensuring that identification code and password issuances are periodically checked, recalled, or revised (e.g., to cover such events as password aging).
  • Both Trusted Unix and Windows Server can be used to require periodic aging of passwords.
  • The client will need an SOP on establishing and maintaining user profiles.
  • The client’s network user authentication and password encryption methodology provides this function
This is a client responsibility, generally achieved through settings in Active Directory. Windows and Active Directory infrastructure can enforce password policy for complexity and expiration. Windows integrated authentication and Basic authentication can leverage this automatically.
(c) Following loss management procedures to electronically deauthorize lost, stolen, missing, or otherwise potentially compromised tokens, cards, and other devices that bear or generate identification code or password information, and to issue temporary or permanent replacements using suitable, rigorous controls.
  • The client will need an SOP covering loss management for passwords.
  • If devices are used, the client must have an SOP covering loss management.
  • NA
NextDocs does not make use of tokens, cards, and other devices that bear or generate identification code or password information.Windows and Active Directory administrators can deactivate users, change users’ passwords, or require users to change passwords after issuing a temporary password. Windows integrated authentication and Basic authentication can leverage this automatically
(d) Use of transaction safeguards to prevent unauthorized use of passwords and/or identification codes, and to detect and report in an immediate and urgent manner any attempts at their unauthorized use to the system security unit, and, as appropriate, to organizational management.
  • Both Trusted Unix and Windows Server can be used to disable user accounts after a configurable number of unsuccessful attempts.
  • The client will need an SOP containing the procedure for reactivating accounts.
  • The client’s network user authentication methodology provides this functionality.
  • Windows can disable user accounts after a configurable number of unsuccessful attempt
This is a client responsibility, generally achieved through settings in Active Directory.The Microsoft Windows family of products can audit logon changes and failed attempts. Group policy can enforce account lockout policy to help to prevent brute force password guessing. Lockout policy is based on failed attempts for a time window and users can be locked out for specified times before they can attempt again (or not).
(e) Initial and periodic testing of devices, such as tokens or cards, that bear or generate identification code or password information to ensure that they function properly and have not been altered in an unauthorized manner.
  • If such devices are used, the client must have such a policy in place.
  • NA
NextDocs does not make use of tokens, cards, and other devices that bear or generate identification code or password information.


Audit Trail Functionality

Audit Trails is an included feature in FirstDoc. Documentum has its own audit trail capabilities, with FirstDoc adding on to Documentum’s audit trail system. Table 3 discusses the Audit Trails functionality that FirstDoc provides in support of 21 CFR Part 11.

Subpart C – Electronic Signatures
§ 11.10(E),(K)(2) AUDIT TRAIL

21 CFR 11 Regulation FirstDoc FirstPoint NextDocs
(a) Use of secure, computergenerated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying.
  • • FirstDoc uses the Documentum audit trail capability augmented by audit trail entries produced for custom FirstDoc events. Example events include check-in, save, destroy, status change and user acknowledgements, such as review and approval outcome — including electronic signature.
  • • Since the audit trail must be maintained for the life of the record, Documentum’s Purge Audit Trail capability should not be used unless the audit trail has been migrated offline as controlled by a client’s SOP. Note: This assumes that the approved record is the electronic record. Audit trail entries for draft, minor versions of records can be deleted using the FirstDoc purge minor version functionality if the clients’ policies dictate.
  • • FirstDoc provides the capability for authorized users to change document metadata on approved records. In this case, an audit trail entry captures the previously recorded values so they are not obscured.
(b) Use of appropriate controls over systems documentation including: 1. Adequate controls over the distribution of, access to and use of documentation for system operation and maintenance. 2. Revision and change control procedures to maintain an audit trail that documents time-sequenced development and modification of systems documentation.
  • • Electronic audit trail for the appropriate document types must be enabled if documentation is maintained in electronic format.

References

Europe Momentum 2011 – Resources for those who couldn’t be there…

This year’s EMC’s European Momentum is being was held in Berlin.

The Momentum conference is something I have always tried to attend. It  is a great opportunity to:

  • find out what EMC’s strategies are.
  • Attend great sessions to learn more
  • Meet great people
  • Share ideas & experiences,
  • etc, etc.
So – what if you can’t couldn’t attend?
I’m trying to put together a list of resources that will give you the opportunity to follow Momentum online.

Hopefully I will be adding to this page as I find more excellent ways to “be there” (virtually).

Also check out my Google+ stream. I’ll post regular updates there as well. (https://plus.google.com/u/0/110973870217970854594/posts)

Blogs

  • More to come…

Facebook

Official site

Images and Videos from the Conference

Tweets


Presentations


How does FirstDoc “do” 21 CFR Part 11 compliance?

21_CFR_Part_11_compliant

CSC have published (not recently) a whitepaper about the capabilities that FirstDoc products provide for compliance with the FDA’s ruling on Electronic Records and Electronic Signatures (fondly known in the Pharma industry as “21 CFR Part 11”).

The whitepaper is a good one. It starts off with a recap of what is contained in 21 CFR Part 11, and then does an itemised breakdown of the capabilities that the FirstDoc products have to meet the compliance requirements.

You can download it here.

21 CFR Part 11 Compliance Position for FirstDoc Applications

Related Post: FirstDoc, FirstPoint, NextDocs – a “rough notes” comparison

Post-move SharePoint site Comparison

Comparison sites SharePoint migration

Recently I’ve been involved with a client project that included moving some SharePoint sites from one web application to another as well, as moving document libraries from a top site to a sub-site.

While I work at the Business level (business systems analyst role), the move itself was done by client’s IT Infrastructure people. Fortunately they were smart enough to copy the content, instead of moving it. This was a brilliant idea, as it gave us the ability to have the original content still available.

Once the content had been moved the next step was to check that no documents had been missed. Now, the site owner (at the business level) had the best idea of what content would be stored in the doclibs, but as there were 64 of them, (some with 100 documents, many with documents in the thousands), doing a direct comparison was not easy. There was also the fact that the new locations had been “unfrozen” and people were uploading documents.

We investigated various ways to do a comparison. This involved creating special views for the docbases that would include only documents created before the “unfreeze” date, and then doing a screen by screen comparison. This was quickly deemed as not practical, and not handy, and bloody tiring.SharePoint comparison content doclibs sites

Then we tried exporting out the lists from the original location to spreadsheet, and then doing the same with the new location so that each list was in columns next to each other. And then doing a side-by-side comparison. This was definitely more practical, and we thought that it was a plausible solution. Until we discovered that for one of the doclibs there were 900 documents in the old location that were not in the new location.

Fortunately we came across a tool from MetaVis. The application suite of this product included a “Live Compare” feature. With this we were able to easily select one particular site in the left part of the screen, another site in the right screen, and then select the docbases that we wanted to compare. And then after clicking on the “Go and check the differences” button (it was actually titled “Compare Now”), we could see which documents were in the old location, and were not in the new location, and vice versa. This was great! And compared to manually comparing lists, was sooo much easier.

Meta Vis site comparison SharePoint

As well as any differences in content in the doclibs, we were also able to see small differences in other configurations. This was very handy.

Now – I know that the main functionality of the MetaVis tool is to do with migration, and architecting, but this “Live Compare” functionality certainly saved us a lot of time and frustration.  

#ECMJam 3 – SharePoint & ECM

Yesterday, the third #ECMJam was held. A lot of people were involved and it was a very interesting discussion about

the place of SharePoint in the world of ECM.

Bryant Duhon was the Jam facilitator. Check out his “Introductory” post here (http://www.aiim.org/community/blogs/expert/ECMjam-SharePoint-and-ECM).

There were a number of Questions that formed the basis of the discussion. These were:

Q1: Is there problem with #sharepoint expectations, marketing, or the product itself?
bduhon
August 11, 2011
Q2: #SharePoint / #governance — how to do it for real (in 140 characters or less!)
bduhon
August 11, 2011
Q3: Is there/has there been a backlash vs. #SharePoint? http://ow.ly/60GnJ
bduhon
August 11, 2011
Q4: What does #SharePoint do well ootb? What doesn’t it do?
bduhon
August 11, 2011
Q5 Can #SharePoint solve #collab and DM problems for larger companies, as well as smaller? Can/does it really scale?
bduhon
August 11, 2011

Each question raised some interesting responses.

With regards Question 1, there was a feeling that SharePoint was not quite an ECM application:

#ECMjam A>Q1 Sharepoint is no #ECM system when you take the #AIIM definition as reference
PROJECTCONSULT_
August 11, 2011
#ECMjam A>Q1 Sharepoint claims to be #ECM, but a lot of ECM vendors make money enriching SPS2010 with ECM functionality
PROJECTCONSULT_
August 11, 2011
Q1: There’s a problem with expectations! #SharePoint isn’t the be-all/end-all too many folks seem to believe.
steveweissman
August 11, 2011

Others pointed out that the problem isn’t with what the product, itself, can do, but with the “misunderstanding” of what SharePoint actually is.

Q1: IMO, SharePoint “problem” is not with product as much as with misunderstanding of what, why, where, how it can/should be used.
lehawes
August 11, 2011
Q1 Agree that SP does a lot and what it does, it does well. TCM is the big gap. #ECMjam
inoldland
August 11, 2011
Q1: #sharepoint is a platform, but was sold as a product. Leaves users spending $$$ to get what they were promised #ecmjam
danieloleary
August 11, 2011
Others expanded on this, and discussed what ECM should actually be, as well as pointing out that after the “purchase” of SharePoint, extra costs.
Q1 you can not achieve ECM with 1 product or a platform, SP still does not provide scanning OOTB #ecmjam + you need PM consulting & techserv
shadrachwhite
August 11, 2011
Q1 Saw recent data from a SP conf that for every $1 of SP license it sells, partners sell $6 of services. Underscore OOTB issue. #ECMjam
inoldland
August 11, 2011
Q1: So expectations are over-hyped and fueled by microsoft to make #SharePoint out as more than it is. #ECM #ecmjam
bduhon
August 11, 2011
Q1. As follow up to my previous comment, from my standpoint, people just seem to buy software as a panacea. Why not more plan 1st #ecmjam
bduhon
August 11, 2011
Q1. My theory, it’s from Microsoft, so folks believe it’s just going to be out of the box #ECM. #ecmjam
bduhon
August 11, 2011
And not just by Microsoft RT @bduhon: Q1: So expectations are over-hyped and fueled by microsoft #ECM #ecmjam
steveweissman
August 11, 2011
Too hard, too long, too obvious! RT @bduhon: Q1. people just seem to buy software as a panacea. Why not more plan 1st #ecmjam
steveweissman
August 11, 2011

Question 2 (SharePoint and Governance) was met with a unaimous response – PLANNING & CONTROL

#ECMjam A>Q2 #Sharepoint governance needs good planning and administration esp. in distributed environments
PROJECTCONSULT_
August 11, 2011
4 characters: P-L-A-N. 5 characters: T-H-I-N-K RT @bduhon: Q2: #SharePoint/#governance: how to do it (in 140 characters) #ECM #ecmjam
steveweissman
August 11, 2011
#ECMjam Q2-You can define segments of SP with different technical restrictions to assist in governance (e.g. size quotas for team sites)
DerekPunaro
August 11, 2011
Q2: #sharepoint governance must be both centralized and distributed. Policies set by org, solution design by business units. #ecmjam
lehawes
August 11, 2011
#ECMjam A>Q2 Viral, uncontrolled installation and usage of #Sharepoint is the death of every information management governance!
PROJECTCONSULT_
August 11, 2011
One of the advantages of SharePoint is that is puts the administration, and “growth” of a site into the hands of the end-users (empowers). But this is also a disadvantage. Sites can expand and spread “virally”. The discussion touched upon this.
Q2: Governace requires planning up front and RIM on the back. Can’t be done with a full featured ECM #ECMJAM
incontextmag
August 11, 2011
Q2 @piewords “Viral w governance can work.” Sort of like a organizational social media policy? #ECMjam
inoldland
August 11, 2011
More involved but yes RT @inoldland: Q2 @piewords “Viral w governance can work.” Sort of like a organizational social media policy? #ECMjam
piewords
August 11, 2011
Q2 so how do you explain governance to an end user and get them involved? Easy to say, hard to do #ecmjam
danieloleary
August 11, 2011
There, and in CIO office (and in Redmond?) RT @bduhon: Q2. So #governance is where a hammer is needed? #ECM #SharePoint #ecmjam
steveweissman
August 11, 2011
Q2. So, @danieloleary @jessewilkins: #governance is where a hammer is needed? #ECM #SharePoint #ecmjam
bduhon
August 11, 2011
The discussion surrounding this question ended with a few good points that summed up the use of governance in a SP environment. It is useful, but needs to be applied sensibly.
So what kills #SharePoint? RT @incontextmag: Q2: SP doesnt kill governance. People kill governance. #ecmjam
steveweissman
August 11, 2011
Q2: SP doesn’t kill governance. People kill governance. #ECMJAM
incontextmag
August 11, 2011
(Answer) So what kills #SharePoint? Governance! (sometimes) RT @incontextmag: Q2: SP doesnt kill governance. People kill governance. #ecmjam
steveweissman
August 11, 2011
Question 3 (Is there/will there be a backlash against SharePoint) was very much related to expectations.
Only against over-inflated expectations. RT @bduhon: Q3. Is there/will there be a backlash against #SharePoint? #ECM #AIIM #ecmjam
lptacek
August 11, 2011
#ECMjam A>Q3 #Sharepoint is already outdated compared to mobile and apps
PROJECTCONSULT_
August 11, 2011
After 10 yrs? Seems to me we should have seen one already. <Q3. Is there/will there be a backlash against #SharePoint?> #ECM #AIIM #ecmjam
steveweissman
August 11, 2011
#ECMjam A>Q3 #Sharepoint is too complex in relation to consumerisation of #collaboration & #ECM
PROJECTCONSULT_
August 11, 2011
Q3: There surely is a @sharepoint backlash, but it’s misguided, because it’s based on the misunderstandings we discussed re: Q1. #ecmjam
lehawes
August 11, 2011
Q3 Backlash will come only if SP doesn’t deliver value. Same reason there’s backlash against anything. (Apologies to Susan Faludi.). #ECMjam
inoldland
August 11, 2011
Q3: SharePoint has a place, but it’s not a mass market tool. It won’t ever be the Facebook of ECM #ecmjam
danieloleary
August 11, 2011
In the end, this comment was made:
Q3: The problem is that they market it as ECM but ECM is a category and no one product is all ECM. #ECMJAM
incontextmag
August 11, 2011

But someone pointed out:

Only in our circles; elsewhere they promote other stuff (eg, collab) RT @incontextmag: Q3 The problem is that they market it as #ECM #ecmjam
steveweissman
August 11, 2011

Question 4 discussed what SharePoint did well, and what it did not do well.

While this question didn’t generate the same discussion as others, there were some interesting comments.

The “does well” comments included:

Q4 SP does sharing, collaboration and portals very well OOTB. It does not handle high-volume, transactional stuff well. #ECMjam
inoldland
August 11, 2011
Easy way to share Office docs. Replacement for file shares. RT @bduhon: Q4: What does #SharePoint do well ootb? #ECM #AIIM #SP2010 #ecmjam
lptacek
August 11, 2011
Q4 – Collab & portals are good. Governance, transactional content, capture weak. #ecmjam #ecmjam
mtwessel
August 11, 2011
#ecmjam Q4: Good: Basic document management. Huge improvement over shared drives. Bad: Dependent metadata and field validation.
DerekPunaro
August 11, 2011
Q4 SEARCH! In 2010 they nailed it, wish every platform was as functional #ecmjam
danieloleary
August 11, 2011

Whereas, the “does not do well” included:

Q4 SP doesn’t do BPM well. Managing docs from outside an org’s four walls that need to be processed. #ECMjam
inoldland
August 11, 2011
Q4: Doesn’t physical records management, BPM, transactional content management, scanning & capture, archiving & library services #ECMJAM
incontextmag
August 11, 2011
Q4 – Weakness: Seen many orgs empower depts to make their own teamsites, but result is too many silos and no enterprise governance #ecmjam
mtwessel
August 11, 2011
Q4: SP default is to store as blobs, inflating the DB, but if you do much you need a SP work around. #ECMJAM
incontextmag
August 11, 2011

Question 5 asked “Can SharePoint solve collaboration and DM problems for larger companies as well as for smaller?

Generally it seemed that while SharePoint was useful for a small company, the administration, and maintenance requirements were too high to make it practical.

#ecmjam Q5 SharePoint has always been able to scale the difference is it puts it in the users hands front end, versus other ECM backend
rileybeebs
August 11, 2011
#ecmjam Q5 so scaling requires more planning, but absolutely can scale for large companies
rileybeebs
August 11, 2011
Q5 the time to live and staffing requirements are too much for small business, #sharepoint is a better fit for larger orgs #ecmjam
danieloleary
August 11, 2011
#ECMjam A>Q5 #Sharepoint can solve DM problems in smaller orgs but is some overkill in regard to admin
PROJECTCONSULT_
August 11, 2011
Q5 no 4 SMB’s. lack time and IT resources. rely on specific OOTB and references to their biz/problems that dont exist #ecmjam
SteveatFB
August 11, 2011
Q5: Technically (performance, scaling) Yes, but for the features and manageability No. #ecmjam
Tomkan
August 11, 2011
The discussion also touched upon the scalability of SharePoint, as well as its use in the Cloud.
Short ans: yes. Better ans: yes, but, with “but” = may require 3rd pty apps RT @bduhon: Q5 Can #SharePoint really scale? #ECM #AIIM #ecmjam
steveweissman
August 11, 2011
Q5 the best way to scale sharepoint is to run in the cloud #ecmjam
shadrachwhite
August 11, 2011
What kind of cloud? Cloud cloud or VM? RT@shadrachwhite: Q5 the best way to scale sharepoint is to run in the cloud #ECMJAM
juliecolgan
August 11, 2011
#ECMjam A>Q5 #Sharepoint as Office365 SaaS might be the solution for SMEs
PROJECTCONSULT_
August 11, 2011
@bduhon q5 Not yet. There is promise for the future for SP for SMBs with Azure and the future cloud platformed SP in dev. #ecmjam #AIIM
nickinglis
August 11, 2011
Q5 Wondering if performance is an issue as SP scales (when it does). #ECMjam
inoldland
August 11, 2011
#ECMjam Q5: We’re 26,000 people. SP scales, but it needs careful focus and planning.
DerekPunaro
August 11, 2011
Q5: hmmm. Scale in what way? functionality … no. of users … geography … ? #ecmjam
steveweissman
August 11, 2011
So it was  a very interesting discussion with a lot of interesting comments.

For a read of the actual tweet stream, click here (http://www.hashtracking.com/fast-report/?hashtag=ecmjam)

SPX Series – A little bit of history

This is part of the SPX Series

Previous post: SPX Series – SharePoint eXperience – (aka SPX) – Series Introduction

First off – I want to explain that I am, in no shape or form, an SPX “expert”. I’m just a guy who has been using SPX since it was first released. I’m not a coder, so can’t tell you all the cool ways that the web parts can be tweaked, or made to dance. I am able to share with you some of the “lessons learned”, and tips . that I have picked up over time. Some of what I write might be incorrect. Please feel free to let me know if that is the case.

And, where possible, if there are other resources that explain something better than I can, I’ll point you to it.

So without further delay I will launch into today’s SPX post…”A little bit of history“.

SharePoint

In 2007 Microsoft introduced SharePoint 2007.

As well as providing the ability to store content in its own repositories (doclibs, lists), it also provided web sites that could be populated with web parts that allowed users to interact with internal content (lists and SharePoint repositories), as well as external content. This included other LOB enterprise systems (such as SAP, Siebel, etc). There was no native way to connect SharePoint and Documentum though.

Wingspan

A company called Wingspan had also developed technology that provided Web Services connectivity to Documentum.  This consists of the Docway Server, and Docway “Portlets”, (and for SharePoint – Webparts), and allowed for single sign-on,  cross-docbase browsing, as well as the ability for users to access, create & update content from a Portal.

SPX

CSC’s FirstDoc, provides a layer that sits on top of Documentum, and allows for compliance with many of the Pharmaceutical regulatory requirements imposed by the various regulatory authorities (FDA, EMA,  MHRA, etc.)

Using Wingspans technology, CSC (or, at the time, FCG), were able to create special webparts that allowed users to interact with their FirstDoc system from a SharePoint Portal. These offered about 85% percent of the functionality provided by the native FirstDoc application.

4.3

The first version was released in the 2nd half of 2007, and had the moniker “version 4.3“. This was to keep the version inline with the (then current) version of FirstDoc. It was compatiable with version 5.3 of Documentum.

There were 17 webparts available. These included webparts for browsing cabinets, listing the logged-on users checked-out documents, displaying the Home Cabinet, an inbox webpart, an very handy object-view webpart that could be configured to display one particular folder, or cabinet), an also handy query-view webpart that allowed content to be displayed based on a query, as well as an assortment of other functional webparts, and administration webparts.

Each web part offered a user the ability to further interact with an object via a context menu that showed extra functionality depending on the type of object that was clicked upon.

This first version was an excellent step towards greater flexibility in creating interfaces for users that better matched their daily work style. For the 80% of users who rarely log into FirstDoc, it provided a quick and easy way to get to specific documents. Links to specific documents could be sent via e-mail, and when a user clicked on it, the document would automatically be opened, without having to go through a process of logging into a client and searching for a document.

But there were also several shortcomings. There was the 20% of hard-core users that quickly discovered that there was still a lot of functionality that was not available. Also the SPX interface did not offer the same flexibility that WebTop did. You couldn’t easily change the columns that you wanted displayed, the search functionality when compared to the WebTop search was very limited, and the way of interacting with the documents was different. The context menu was not found in WebTop.  Performance was also a bit sluggish especially when using the webparts over a WAN.

To be fair, CSC were also restrained by the limitations of the underlying Docway technology.
(However, Wingspan have been making continual improvements to their technology and CSC have been able to take advantage of this).

5.0

CSC listened to the concerns that the hard core users (as well as the administrators) were having. Version 5.0 of SPX was released in the middle of 2008, with Product Alias Search functionality, the ability to limit search results, and also the ability to add multiple documents to a workflow. Version 5.0 was also compatible with Documentum 6.0

6.0

Then later that year, version 6.0 was released. This was based on Documentum 6.5, and an upgraded version of Docway(6.1). It had been designed to be backwards compatible (with configuration, it could work with version 4.3 of FirstDoc). This allowed SPX to work over multiple docbases of different versions. As well as this, the Inbox and Query webparts were tweaked so that values could be automatically passed on the URL. Menu selection was made configurable. A quicklink capability was added that allows a link to be configured that will launch FirstDoc functionality, and the ability to View Relationships, and Audit Trail reports was added.

6.1

Then, in the later part of 2009, version 6.1 was released with even more functionality – Virtual Documents could now be viewed, multiple files could be imported, a new :”My Views” webpart was available, as well as the ability to view the Workflow Status report. Importing related documents was now, also possible. A version 6.1.1. was also released but this was a correction to a limitation that was previously believed to be uncorrectable.

6.2

In 2010, version 6.2 and 6.2.1 were released. The only difference was that 6.2.1 was certified for use with SharePoint 2010. Both versions also used Docway 7.0.  And there was a bundle of new features and functionality. These included: the ability to register interest, the availability of the WebTop Search app as a webpart, a single-box search (“Google-like”), Saved Searches, the ability to display custom properties in the web parts, clipboard tools, subscription notifications, as well as other functionality.

Future

CSC are working on the next release of  SPX, and it looks like they’ll be adding even more functionality to close the gap between SPX and WebTop.

FirstDoc doesn’t have its own client application – it extends the functionality of the EMC Documentum native client – “WebTop”. EMC has announced that they will be phasing out this out sometime soon.  As a result CSC are dedicated to ensuring that SPX is ready to be a replacement.

So – that’s the end of my “A little bit of history” post. If have made mistakes anywhere, please feel free to let me know.