The Dark Side of Site Audits and Requirements Definition

Stories from the trenches about what gets found.

Stacy Wilson

May 15, 2015

3 Min Read
The Dark Side of Site Audits and Requirements Definition

Sometimes, you open a can of worms when you poke around your intranet to define requirements for improvement. Often, when you audit intranet sites you find things you’d rather not know about.

I tell these stories in workshops all the time to the amazement of participants. So, I thought I’d bring several together to illustrate the hidden opportunities our organizations have in making intranet improvements.

Storing the Unnecessary

Many organizations pay for content storage for material that either doesn’t require storage or shouldn’t be stored. For example, we conducted a series of interviews with executives for a healthcare client to identify ways the intranet could be used to better enable the executive work.

During the interviews, we discovered that each of the members of the executive team had an extra hard drive under his or her desk to store email. Most of the email they chose to store on these hard drives comprised the strings the executive team created in the process of collaboration within the team. They each stored the very same strings with all the very same attachments.

Because the executive team did not have another way to collaborate within the team, members relied on email and storage of email to refind materials and decisions. This has implications in:

  • Hardware costs

  • Risk management

  • Compliance

A robust but secure collaboration space would remove this reliance on email and the costs and risks that come with it.

Out-of-Compliance Content

Legal teams often cringe when we audit intranets because they know that, policy aside, there is content on the intranet that shouldn’t be.

The first example here is the content audit we conducted for a large global service provider. During the audit of more than 20,000 documents, we found a draft manuscript of a novel an employee was writing on the side. Sometimes, auditing your intranet can help you uncover employee management issues in a less threatening way.

The second example comes from a technical assessment we conducted for a healthcare client. Despite the organization’s strong policy stance on putting protected (patient) health information (PHI) on the intranet, guess what we found? That’s right, we found patient health information on the intranet with little to no permission protections.

This is a classic example of why having policy isn’t enough. Putting technical controls in place is equally important. For example, you might tweak the upload screens to include a visible warning about posting restricted content. Such warnings could also link to the policy. Putting routine audits in place further ensures that you catch such situations and remediate quickly.

Old, Stale Content

The most obvious expectation of requirements discovery and site audits is uncovering old, out-of-date content. Every organization has some of this.

In one assignment for a technology organization, we found a policy from 1997 that had the name of a small company that had been acquired by our client many years prior to our review. Not only was the policy old, it didn’t even have the right entity name on it. This is a liability if an employee makes a decision based upon that content and puts the organization into legal hot water as a result.

Building in regular content reviews triggered by SharePoint ensure this type of content doesn’t languish on your intranet. Providing a sound archival method ensures content owners don’t keep things just because they “have no other good place” to store old versions.

The Bottom Line

In each of these examples, we uncovered at least one specific requirement. Interviews, roundtable discussions, focus groups, audits, etc., all contribute insights that can help you better understand your needs from your user’s perspective. Next time I’ll provide more details about content reviews and audits.

Stacy Wilson, ABC, Eloquor Consulting, helps companies communicate more effectively with employees in the digital workplace. Her specialty is supporting governance, usability, content and adoption for digital workplaces/intranets, along with change communication for technology change such as ERP implementations. Connect with Stacy at LinkedIn or on Twitter, or with Eloquor on Facebook.

About the Author(s)

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like