Using the R.E.A.C.T. Method for Better Governance Policies
Developing governance policies and standards for a Digital Experience Platform (DXP) like Sitecore can be a daunting task.
Building upon the guidance in the Sitecore Governance: How To and a Template Too article, you can use the R.E.A.C.T. method to ensure your policies/standards are Readable, Enforceable, Accessible, Communicable, and Trainable.
Your governance policies and standards need to be easy to read and understand. Use bullet points and links to information as appropriate. Images and flowcharts may also assist depending on the policy. You might also be tempted to try and create one “governance policy” to rule them all, but it may be better to break them into distinct policies per type of activity (ex. Code Deployment Policy).
Can you enforce your policies? It’s a hard question and one that does not mean that you need to have a disciplinary hearing for a policy miss. Rather, do you have a mechanism and resources to ensure compliance? Also, do you have the resources required to take action on a policy/standard? For example, if you create a robust DevOps policy but lack the resources to perform actions to meet the policy goals, you need to revisit your policy/supporting standard.
How accessible are your policies and standards? Are they printed out and living on someone’s shelf gathering dust or do people know where to find them? This is where maintaining your policies and standards in a place where editing, commenting, and review comes into play. Wikis like Confluence can be a huge help in this regard.
Have you communicated out your policies and used a detailed communications plan that targets users based on the best communication method for your audience? The governance plan template has a sample communications plan that focuses on the who, what, when, and channel(s) of communication to undertake.
Can you train the appropriate resources to follow the policies/standards? This differs from enforceability in that this is more about having a plan to train those impacted by your governance policies. Generally, training is part of your communications plan or working sessions to ensure everyone is able to execute.