System 6: Administration Systems

Role: The skeletal structure and nervous system of the company.

1. System Purpose

To provide the foundational infrastructure, tools, and governance necessary for the entire business to operate securely, efficiently, and compliantly. It specifically focuses on IT infrastructure, information/knowledge management (the company "Brain"), document control, and access management.

2. Key Components

1. IT Infrastructure Management: Provisioning, maintenance, and security of all hardware, software, and network resources (e.g., Microsoft 365 tenant, HubSpot account, workstations).
2. Information & Knowledge Management (IKM) Governance: Policies and procedures for creating, storing, organizing, accessing, and retaining all company information and knowledge assets (including the Content Engine's AKUs).
3. Document Management: Standardized practices for naming, versioning, storing, and retrieving documents across the organization.
4. Course Catalogs: Centralized, accessible listings of all educational offerings, including descriptions, prerequisites, and pricing.
5. Access Control & Governance: Managing user identities, permissions, and roles to ensure appropriate access to systems and data while maintaining security.
6. Data Backup & Recovery: Strategies and procedures for protecting critical business data and ensuring its availability in case of loss or disaster.
7. Compliance & Security: Implementing measures to adhere to relevant legal, regulatory, and industry security standards.

3. Tools Used (Within Current Stack)

• IT Infrastructure Management: Microsoft 365 Admin Center (user management), HubSpot (CRM/CMS), Thinkific (LMS), Zapier (Automation Middleware), Windows Defender (security).
• IKM Governance: Microsoft Loop (central policy documents, governance guidelines), Microsoft Teams (communication around IKM updates).
• Document Management: Microsoft SharePoint/OneDrive (structured file storage, versioning), Microsoft Loop (linked living documents).
• Course Catalogs: HubSpot CMS (for public-facing catalog), Microsoft Loop (internal master course catalog with detailed metadata).
• Access Control & Governance: Microsoft Entra ID (formerly Azure AD) (identity and access management for M365 apps), HubSpot User Management (roles and permissions within HubSpot).
• Data Backup & Recovery: Microsoft 365 built-in backup (SharePoint, Exchange Online), OneDrive Sync (for user files), HubSpot native backups.
• Compliance & Security: Microsoft 365 Compliance Center (data governance, DLP), Security policies (documented in Loop).

4. High-Level Workflow (Step-by-Step)

1. IT Provisioning & Setup:
   • New employee onboarding triggers account creation in Microsoft 365 (Entra ID) and HubSpot.
   • Workstations configured with necessary software, security settings, and OneDrive sync.
   • Network access and VPN (if needed) configured.
2. IKM Governance & Policy Definition:
   • Leadership defines IKM policies (e.g., data classification, retention, acceptable use) in a dedicated Loop page.
   • Content creators and managers are trained on IKM standards, especially for Atomic Knowledge Units.
   • Regular audits ensure compliance with naming conventions, tagging, and storage policies in SharePoint and Loop.
3. Document Lifecycle Management (SharePoint/Loop):
   • New documents are created using approved templates (stored in SharePoint).
   • Stored in designated SharePoint libraries with appropriate permissions.
   • Version control actively used for all critical documents.
   • Obsolete documents are archived or deleted according to retention policies.
4. Course Catalog Management (Loop/HubSpot):
   • Content Engine team updates the internal Master Course Catalog in Loop with new course offerings, module descriptions, and pricing tiers.
   • Approved course information is then synchronized (manually or via integration) to the public-facing HubSpot CMS course catalog.
5. Access Control Management:
   • User roles and permissions are defined in Entra ID and HubSpot based on the principle of least privilege.
   • Regular review of access rights (e.g., quarterly) to ensure alignment with current roles.
   • New hires granted access based on their defined role; departing employees' access immediately revoked.
6. Security Monitoring & Incident Response:
   • Microsoft 365 security features monitor for threats and unusual activity.
   • Documented incident response plan (in Loop) for handling security breaches or data loss events.
   • Regular security awareness training for all employees.

5. Detailed SOPs

SOP: Document Naming, Versioning, and Storage

• Goal: To ensure consistent, easily retrievable, and auditable document management across the organization.
• Roles: All Employees (Content Creators, Managers, Support Agents).
• Steps:
  1. Naming Convention:
     • All documents MUST follow the format: [System/Department Acronym]_[Document Type]_[Specific Title]_[Version Number]
     • Example: CE_SOP_AKU_Creation_v1.0, SO_Manual_Agent_Ops_v1.2, MGT_OKR_Q1_2025_v1.0
     • Use hyphens or underscores for spaces. Avoid special characters.
  2. Location (SharePoint Document Libraries):
     • Save documents in the designated SharePoint Document Library corresponding to the relevant System or Department (e.g., Documents/Content Engine/SOPs, Documents/Support Operations/Manuals).
     • Do NOT save critical business documents solely on local drives or personal OneDrive.
  3. Versioning:
     • Leverage SharePoint's automatic versioning.
     • For significant changes, manually update the version number in the filename and add a brief description of changes in the file properties/comments.
     • Minor edits (e.g., typos, formatting) do not require a filename version change, but SharePoint will track internal minor versions.
  4. Approval Workflow (if applicable):
     • For official policies, SOPs, or public-facing documents, ensure they go through an approved review process (e.g., via Teams approval workflow or manual sign-off).
     • Only "Approved" versions should be considered authoritative.
  5. Retention & Archiving:
     • Documents will be reviewed annually. Obsolete documents moved to an "Archive" library or deleted according to the company's data retention policy (to be defined in IKM Governance policy).
  6. Loop Integration:
     • Where appropriate, link to official SharePoint documents from relevant Microsoft Loop pages/components, rather than embedding the entire document. This ensures users always access the latest approved version.

6. Documents to be Created

• IT Security Policy
• IKM Governance Policy
• Document Naming & Storage Convention Guide (As above)
• Access Control Matrix
• Data Backup & Recovery Plan
• Incident Response Plan
• Internal Course Catalog (Loop Page)

7. Required Flowcharts

• User Onboarding/Offboarding Flowchart
• Document Lifecycle Flowchart
• IT Incident Response Flowchart

8. Dependencies on Other Systems

• All Other Systems: Provides the underlying technology, data governance, and access controls for all other pillars to function.
• System 8: People Management: Drives user onboarding/offboarding processes and training requirements.
• System 1: Management & Leadership: Defines strategic priorities and compliance requirements that IKM and IT must support.

9. MVP Version vs. Scaled Version

• MVP (Phase 1):
  • Basic Microsoft 365 and HubSpot setup with core users.
  • Manual document naming and storage in a flat SharePoint structure.
  • Informal access management.
  • Core IKM policies in draft form.
  • Focus on basic security (MFA, strong passwords).
• Scaled Version (Phase 2+):
  • Advanced Microsoft 365 features (DLP, conditional access, advanced threat protection).
  • Automated document routing, retention labels, and compliance features in SharePoint.
  • Granular access controls and role-based access enforcement.
  • Comprehensive IKM framework with audits, training, and continuous improvement.
  • Integrated course catalog with LMS.
  • Advanced security monitoring, vulnerability management, and regular penetration testing.