Microsoft 365 governance: Qim info commits to a collaborative project with SIACG
During the COVID crisis, the Intercommunal Computer Service of the Association of Geneva Communes (SIACG) urgently implemented certain Microsoft 365 functionalities for users across 44 member communes.
To develop a governance strategy for its applications and introduce new services, SIACG turned to Qim info. The user commission then established a formal framework, ensuring the investment met the communes’ needs while maintaining optimal security.
Known for its delegation services, Qim info is also adept at providing valuable advice to businesses and public services, regardless of their size and complexity. This is what the Modern Workplace and Workstation department did for SIACG, post-pandemic. Following the deployment of Microsoft 365 in all 44 communes, Qim info crafted governance rules to regulate the use of these software, particularly those vital for data sharing and remote operations. This long-term initiative has left the Geneva public structure fully satisfied, largely due to the attentiveness of Xavier Fabre’s team, the department head, in addressing the needs of the communes.
Rapid Deployment of Microsoft 365
Since 1986, SIACG has been creating, developing and operating a global IT environment for all its member communes. Covering everything from design and development to the maintenance of communal IT infrastructure (information systems, software) SIACG is also responsible for network expansion and user support (training, assistance, and IT consulting). In 2020, amid the health crisis and the sudden necessity for remote work, SIACG had to quickly implement a suite of applications to ensure continuity of public service.
“We had several software options, but as a public entity, efficiency was paramount. Already leaning towards Microsoft, Teams seemed the obvious choice, but we took time to consider other options, comparing them across various aspects (usability, ecosystem, cost-effectiveness). Ultimately, Microsoft 365, including Teams, was rapidly deployed across all communes. However, the solution was initially restricted to ensure security and user support, and a broader usage framework remains to be defined,” explains Sylvain Liaudat, Deputy Director of SIACG.”
Implementing Governance: A Complex Task
With numerous Microsoft 365 licenses (including Teams and Office suite) at hand and new features regularly introduced, SIACG started contemplating the structure and usage of these tools. An initial analysis was conducted. “We realized it wasn’t simple to define, write, and implement such governance in our context. At that point, we sought help from a service provider, specifically Qim info’s expertise. A collaborative effort then began—with the User Commission (representing the local authorities) laying down the functional requirements, and a 365 User Group (covering the technical aspects),” continues Sylvain Liaudat.
Qim info x SIACG: A Longstanding Relationship Based on Trust
Having previously collaborated with Xavier Fabre on significant projects, Sylvain Liaudat decided to contact him. “We stayed in touch because I greatly valued working with him, both for his professional and personal skills—qualities we pay special attention to. Therefore, when this governance project arose, I immediately thought of him to assist us, working alongside the user commission.
The SIACG was impressed from the outset with Qim info’s team. “We shared our needs and concerns, as well as the communes’ expectations. It was our first time undertaking such a project, and we were very satisfied with Xavier’s team’s responsiveness and their ability to fully embrace this task. We had complete confidence in their ability to meet this challenge.”
A Collaborative Project
M365 Governance: SIACG's Needs
Once stakeholders agreed to engage Qim info, a comprehensive list of SIACG’s expectations for the governance was compiled.
“Initially, we inventoried what was deployed and used, quickly drafting a first version of what was operational on the ground. Then we considered the conditions under which these software could be used,” explains Sylvain Liaudat. From this analysis, several applications emerged: the office suite and “power apps,” software for developing small applications to automate tasks or collect data. “Communes wishing to use these power apps are responsible for what they create. This was a point governance needed to clarify to ensure everyone had the correct level of information.”
The governance also focused on collaborative tools like MS Teams, SharePoint Online, and OneDrive Enterprise, aligning with the User Commission and 365 user group.
As for legal and security aspects, SIACG teams and communes, with Qim info, undertook significant work to define the structure and configuration of Microsoft 365 tools to meet these needs. This involved a CIS audit and the development of profile/usage matrices and responsibility matrices, highlighting the comprehensive approach to tool implementation.
After finalizing the first version of governance, the focus shifted to tool configuration.
Qim info quickly halted the first governance version. “We went through many steps to finalize this project: interviews in the communes, writing, explaining, and then modifying based on user feedback. We had to be flexible to move forward as quickly as possible,” shares Xavier Fabre, head of the Modern Workplace and Workstation department. “Naturally, not all needs could be included in this first version. Choices had to be made for the governance to be approved by SIACG’s clients. Subsequent iterative work aimed at improvement, as seeking perfection from the start can keep us stuck on theory.”
Once accepted by all, Qim info began another interesting phase: configuring the tools according to the governance plan.
For example, Microsoft 365 allows the creation of collaborative spaces with almost unlimited capacity. In the governance established by Qim info for SIACG, each of these spaces is outlined with a specific lifecycle and limited storage capacity through quotas. “We really delved into the details to ensure nothing was overlooked, and in this regard, Qim info was invaluable for their impartial and expert perspective.”
Security aspects in Microsoft 365 were also extensive. Qim info’s expertise, particularly through a CIS Critical Security Control audit and implementing an action plan by the internal team, was crucial. This aspect also covers the location and method of storage, in line with the law on public information, document access, and personal data protection (LIPAD).