Most Agencies Have Not Caught up with M365 Governance Capabilities

Given the depth and breadth of the governance, compliance and security changes introduced in M365, it is no surprise that organizations using the platform — especially large ones — are having a difficult time keeping up. As with any critical enterprise platform, much of what you can accomplish in the near-term depends on your starting point. Buying an M365 license — whether of the G3 or G5 variety — is one thing. Keeping it and leveraging it is another.

Even understanding the differences between G3 and G5 in the context of governance is a challenge for many organizations. If set up properly, organizations can accomplish a great deal with an G3 license and many organizations have yet to fully leverage this potential. However, to do Records Management requires a G5 license or an add-on to an G3 license.

Looking across the continuum of end users, there are a wide variety of experiences with M365, making general conclusions challenging. Some organizations have already made the decision to standardize upon the G5 platform and are now focused on adoption and integration issues. Others are still trying to make the decision whether to move from G3 to G5. And still others have not yet deployed M365 in a strategic fashion when it comes to governance, but rather in a piecemeal way to take advantage of individual components like email and the Office and Teams.

Only 21% of organizations report that they have fully optimized the automated governance, compliance, and records management capabilities of M365, and 22% report that they have not even begun.

A huge gap exists in most organizations between the reality of how extensively M365 automated governance has been adopted and perceptions among IT and business staff. This “wishful thinking” gap is fairly common on a variety of governance concerns but is particularly noteworthy with regards to M365 governance. A key challenge for IG professionals in getting funding for governance projects is to reposition governance — which is often viewed as a necessary evil among business executives — as an enabler for the objectives that senior agency executives do care about — security, user productivity, and customer value. Likewise, IG professionals need to help their IT colleagues better understand the unique challenges associated with managing unstructured information — content — at large scale.

This is the fourth in a series of posts based on a new QAI/DocPoint research study conducted by the highly respected MER Conference.

To get a copy of the full research paper Click Here.
#NARACompliance #M-19-21