Procedure

Introduction

Outline Requirements

Test

Procedure

Introduction

Outlining requirements is an extremely important first step in the process of establishing a new External SharePoint site. IT and Data Governance will rely largely on these requirements when building the site but will reach out to you if they have questions during implementation. To that end, the more detail you provide regarding how the site will be used and by whom, the easier the implementation will be.

What is the purpose and goal of your new site?

Do you currently have a site this new site will be aligned to? If so, what is the name and URL for your existing parent site?

Who will require access to the site and what level of access should they be given?

Permission Group Identifier	Access Level Provided	Definition
Project Leads	Administer	Provides access to add and remove members from permission groups assigned to sites, sub-sites, document libraries and lists. Should only be assigned to users who will need to manage and maintain access to all site and site components. This access also provides all the access listed below as well.
Members	Contribute	Provides access to upload and delete document from document libraries as well as add, edit and delete list items. This access also provides all the access listed below.
Visitors	Read	Provides view only access to sites, sub-sites, document libraries and lists including the ability to download documents.

What will be the name of your new site?

While it is possible to change the names of sites and site components, it is not recommended. Be sure to think thoroughly through what the name of the site will be as changes, while possible, can have some negative downstream impacts to users who frequent your site.

System Instructions

Introduction

Complete a Data Classification Form utilizing your requirements outline. Reference the Data Classification and Security Controls Policy as needed.

Field Name	Required	Purpose and Requirements
Verified By	No	Do not use this field. It is used by Data Governance to manage the form review process.
Date	No	Do not use this field. The current date will always populate.
Name of Data or Information being classified	Yes	Enter the name of data or information that will be classified. There are some examples listed below this field if needed as a reference point.
Data Type	No	Data can be classified as a group or by attribute. When classifying data by attribute, a complete list of all data attributes must be attached. Select the most appropriate option from the drop-down menu.
Data Owner	No	This is the Director or Manager accountable for the data. This field is connected to NYSERDA's active directory.
Requestor	Yes	Person completing this form. This field is connected to NYSERDA's active directory.
Department within NYSERDA where data resides	No	Select the Program Name from the drop-down menu.
Location	No	Select your Office Location from the drop-down menu.
Data Source	No	Document where the data comes from, i.e. Sales Force, Excel Spreadsheet, NEIS, etc.
Section 1: Personal, Private and Sensitive Information (PPSI).	No	Refer to the question listed on the form associated with this field and choose the most appropriate option from the drop-down menu that answers the listed question.
Select one of the following based on what describes your data the best	No	Select the most appropriate option from the drop-down menu reflecting your answer to the disclosure listed below this field.
Section 1: Question 1 Comments	No	Enter any relevant comments that relate to your selection for the Section 1: Question 1 field.
Section 2: New York State Data Classification Mandated Question 1	No	Use the drop-down menu to select an appropriate response to the questions listed just below this field.
Section 2: Question 1 Comments	No	Enter any relevant comments that relate to your selection for the Section 2: New York State Data Classification Mandated Question 1 field.
Section 2: Question 2	No	Use the drop-down menu to select an appropriate response to the questions listed just below this field.
Section 2: Question 2 Comments	No	Enter any relevant comments that relate to your selection for the Section 2: Question 2 field.
Section 2: Question 3	No	Use the drop-down menu to select an appropriate response to the questions listed just below this field.
Section 2: Question 3 Comments	No	Enter any relevant comments that relate to your selection for the Section 2: Question 3 field.
Section 2: Question 4	No	Use the drop-down menu to select an appropriate response to the questions listed just below this field.
Section 2: Question 4 Comments	No	Enter any relevant comments that relate to your selection for the Section 2: Question 4 field.
Section 3: Program / Contractor Data Question 1	No	Use the drop-down menu to select an appropriate response to the questions listed just below this field.
Section 3: Question 1 Comments	No	Enter any relevant comments that relate to your selection for the Section 3: Program / Contractor Data Question 1 field.
Section 3: Question 2	No	Use the drop-down menu to select an appropriate response to the questions listed just below this field.
Section 3: Question 2 Comments	No	Enter any relevant comments that relate to your selection for the Section 3: Question 2 field.
Section 3: Question 3	No	Use the drop-down menu to select an appropriate response to the questions listed just below this field.
Section 3: Question 3 Comments	No	Enter any relevant comments that relate to your selection for the Section 3: Question 3 field.
Data Governance Classification	Yes	Select the appropriate Confidentiality Rating from the drop-down menu.
Reasons	No	Enter the reason for classification, i.e. contractual, PPSI, name, address, etc.
Internal or stakeholder accessibility to data	No	Select all the options that apply from this drop-down menu.
OPEN NY Consideration	No	Select the appropriate response from the drop-down menu to assess if program is interested in publishing data on OPEN NY.
Published on OPEN NY	No	Enter the date that program data began to be published on OPEN NY, if applicable.
Attachments	No	Include any required attachments to this form.

Then, complete an External Data Sharing Request Form utilizing you requirements outline. Reference the Data Classification and Security Controls Policy as needed.

Field Name	Required	Purpose and Requirements
Date of Request	No	DO not use this field. It will auto-populate with the current date.
Desired Site Completion Date	Yes	Enter a date when the site needs to be completed by.
Requestor Name	No	Enter your name. This field is connected to NYSERDA's active directory.
Purpose of Request	Yes	Provide a detailed description for this request. Utilize the work done when Outlining Requirement when entering a description. Be as detailed as possible,
Description and Permissions for Data, Document and Reports	Yes	Provide a list with a description of the data, documents and reports being shared. Identify any confidential data, who will have access to the information and the permission level (read only or read/write permissions).
If you selected an External SharePoint site, is this a request for a new site or a new sub-site under an existing site?	No	Select all that apply from the options listed.
If you selected New Site, describe the stakeholders for this external site	No	Select the most appropriate option from the drop-down menu.
If you selected New Sub-Site or Document Library under existing site, then provide the link to the existing SharePoint site	No	Provide the URL link to your existing External SharePoint site this new site will be a sub-site for.
URL preference for new SharePoint site / sub-site	No	Enter in an identifiable acronym for your program, department or team that will be used in the new site's URL.
Title for new SharePoint site / sub-site	No	Enter in a name for your new site. This field is only used if you are requesting a new External SharePoint site.
Provide at least 2 NYSERDA staff names that will function as SharePoint Site Leaders	No	Enter in the name of at least two of your teams members that will act as Project Leads for the new site.
SharePoint Document Library Name(s)	No	Specify the name of all document libraries that should be created.
Provide at least 2 NYSERDA staff names per Document Library that will function as Library Leads	No	Enter in the name of at least two of your teams members that will act as Project Leads for the new document libraries.
Open NY Platform	No	This field should only be used if requesting using the Open NY Platform.
Legal Contact for your program / department	Yes	Select the appropriate legal contact from the drop-down menu.
Does the data / information contain Personal, Private, or Sensitive Information (PPSI)?	Yes	Select the option that best answers this question.
Has the data / information / report been classified by the Data Governance Office?	Yes	Select the option that best answers this question.
If YES: Data /information / report classification level	Yes	If you answered Yes to the above question, select the option that best responds to this field.
Is the data / information leased or purchased from a third party or generated by NYSERDA?	Yes	Select the option that best answers this question.
If leased or purchased from a third party, please provide a link to the third party agreement	No	Enter the link to the third party agreement.
Identify where the data / information is stored, examples in description	No	Enter details that best respond to this field. Examples are listed below for reference.
Stakeholder Name(s) and Organization	Yes	List all stakeholders that will have permission to access this site, i.e. DPS staff, DEC staff, etc.
Has the stakeholder / contractor signed a Non-Disclosure Agreement (NDA)?	Yes	Answer accordingly. If answering Yes, be sure to include all signed NDA's to this form.
Has the stakeholder / contractor signed a fully executed NYSERDA Contract, Agreement or Task Work Order?	No	Answer accordingly. If answering Yes, be sure to include all signed contracts or agreements to this form.
FOR DATA GOVERNANCE OFFICE ONLY. Recommendation to Legal.	No	Do not use this field.
FOR LEGAL DEPARTMENT ONLY: Does the site need a disclaimer?	No	Do not use this field.
FOR LEGAL DEPARTMENT ONLY: Disclaimer Language	No	Do not use this field.
FOR DATA GOVERNANCE OFFICE ONLY: Reviewer(s)	No	Do not use this field.
Manager or Director	No	Enter the name of the person responsible for all external information via any platform.

The Data Governance Office is available to help requestors complete either of these forms if necessary. If you are having trouble, please reach out to them.

Unable to render {include} The included page could not be found.

Procedure

Introduction

The Data Governance Office will review your submitted Data Classification Form, External Data Sharing Request Form and Share Data with External Parties service desk request and provide a recommendation to the Legal Contact aligned to your Program or Department.

The Counsel's Office will also review the information provided and either approve, requests additional information or denies the request.

Once the request is approved by Legal, the Data Governance Office will work with IT to implement the site based upon your submitted requirements. You will receive a notification from IT when the site has been implemented.

Review the new site when you receive notification of implementation. Respond to the Share Data with External Parties service desk ticket you established documenting any additional changes that are needed or provide your approval for the new site.

Share details with the external stakeholders on how to access the platform and data. Each user must have a unique Microsoft email account - shared accounts are not allowed.

Ensure that the integrity, security requirements and access authorizations are managed properly.

Remove stakeholders immediately that no longer work at an organization or on the program.

Page tree

Requesting New External SharePoint Sites

Introduction

Introduction

Introduction

Introduction