General Guidance

Prior to submitting forms to begin the process of implementing an External SharePoint site, you should outline answers to the questions below. These answers will help you when completing the required forms.

• Will the site be used for multiple initiatives, programs, or phases?
• What is the purpose and/or goal of your new site?
• What initiative will the site support and what is the justification for external collaboration?
• Who are the stakeholders?
• What type of data are you sharing on the site (describe the actual data/content that will be shared through documents or data sets).
• Are there any restrictions in place with third-parties that states how and who can access the data?
• Will everyone will have access to all documents on the site or will you need to restrict access to specific information or users?
• If you are collaborating across teams, is a current site already in place? If so, does it make sense to use an existing site or create a new one?
• Will you be requesting a single site or should IT also create sub-sites? If so, how many?
• How many Document Libraries or Lists will you require as part of the implementation?
• What should the names for each site, sub-site, Document Library and List be?

• Who will require access to the site, sub-site, Document Libraries and Lists, and what level of access should they be given?

  information table

  Permission Groups	Access Level	Definition
  Project Leads	Administer	Provides the access below as well as the ability to add or remover users from Permission Groups. This access should only be provided to NYSERDA staff who will administer the site.
  Members	Contribute	Provides the access below plus the ability to add, edit and delete: documents in Document Libraries and list items in Lists. This access can be provided to internal and external stakeholders.
  Visitors	Read	Can only view the site and associated document libraries and lists as well as download documents in document libraries.

  Unique Permission Groups can be established for each site, sub-site, document library and list. Be sure to outline what level of access each user will need for each site/sub-site and site component (Document Libraries and Lists).

Expectations

• It can take up to three to four weeks after completing step 4 of the process outlined on this page before your new site is implemented. Be sure to take this into consideration.
• The Data Governance Office is available to help the Requestor complete the forms if necessary.
• Consult with your Program Counsel before submitting the request.
• If an NDA, MOU or other agreement exists, the classification must comply with the stated restrictions. Please ensure this information is communicated to the Data Governance office and denoted on the Data Classification Worksheet.
• All required forms can also be found on the Data Governance SharePoint Site .
• The Data Governance Office reviews all completed forms and will follow up with the Requestor if forms are not fully completed or more details are needed.
• For External SharePoint sites, the Requestor, Data Owners, Data Stewards, or Site Manager is responsible for ensuring that the integrity, security requirements and access authorizations are managed properly.
• Immediately remove stakeholders that no longer work at an organization or on the program.
• If you are the owner of an approved External SharePoint site, any additional information, data, or authorized stakeholders that need to be added to the existing site must be approved by Data Governance. Contact Data Governance before adding any updates to the existing External SharePoint site.
• If you are not the Data Owner, please consult with data owner on the data classification of the information.
• The following types of data sharing do NOT need to go through the Sharing Data with External Stakeholders Request process:
  • Responses to FOIL requests that have been vetted through Counsel’s Office.
    (Utilize the Freedom of Information Law (FOIL) External SharePoint Site.)
  • External and internal collaboration on NYSERDA Lean Projects.
    (Utilize NYSERDA's Lean Projects External SharePoint Site.)
  • Proposals to Scoring Committee Members for programs not in Salesforce.
    (Submit a Service Desk: Share Data with External Parties ticket to utilize the IT External SharePoint site for a one-time collaboration.)
  • Requests to the Web Development team.
    (Submit a request through the Marketing Collaboration Tool.)
  • NYSERDA Corporate reports to required stakeholders.
    • Reports on the NYSERDA Reporting Timeline will continue with current process
    • If file transfers are required, submit a Service Desk: Share Data with External Parties ticket.

The Data Governance Office will review your submitted Data Classification Form, External Data Sharing Request Form and Share Data with External Parties service desk request and provide a recommendation to the Legal Contact aligned to your Program or Department.

The Counsel's Office will then review the information provided and either approve, request additional information for, or deny the request.

Once the request is approved by Legal, the Data Governance Office will work with IT to implement the site based upon your submitted requirements. You will receive a notification from IT when the site has been implemented with instructions on how to use the new platform.

Review the new site when you receive notification of implementation. Confirm that the site was implemented correctly according to your requirements and verify that the following disclosure appears on all pages.

Respond to the Share Data with External Parties service desk ticket you established documenting any additional changes that are needed or provide your approval for the new site. Send an email confirmation to the Data Governance Office and IT that the platform works successfully.

Provide access for the new site to the internal and external stakeholders following the instructions on the SharePoint: Managing Permissions (placeholder) Each user must have a unique Microsoft email account - shared accounts are not allowed.