by clicking the arrows at the side of the page, or by using the toolbar.
by clicking anywhere on the page.
by dragging the page around when zoomed in.
by clicking anywhere on the page when zoomed in.
web sites or send emails by clicking on hyperlinks.
Email this page to a friend
Search this issue
Index - jump to page or section
Archive - view past issues
GRC Professional : GRC Spring 2011
1919 tips on developing a social media policy Ross Dawson, Chairman of Advanced Human Technologies, offers the following advice: W Figure out exactly who it is that is authorised to use social media in the company’s voice. This may be one person or, as is the case with Dell, it may be several thousand people. W in consultation with the chosen social media team, make an agreement about what they can and cannot do within the platform. This should include topic areas of discussion, empowerment to make instant decisions as well as tone of voice and general style. W Create separate guidelines for all staff in terms of what constitutes acceptable usage of their own private social media activities. For instance, can they name who it is they work for and if so, should the comments be run by a corporate moderator first? The natural decision is to not let staff mention the company name in their private social media dealings, but remember that there is just as much danger in a staff member entering a discussion in an area in which they’re knowledgeable without first admitting who it is they work for – they can often be perceived as someone ‘planted’ into the conversation by the company. W Promote your social media policy heavily and regularly amongst staff. It should constantly be updated as technologies change, therefore staff must constantly be briefed on these changes. W Boil down your social media policy into a one-page set of guidelines. If it’s 10 pages long, nobody will read it. Telstra released theirs as a comic book! comes in. Various organisations offer products that automate many of the processes required for thorough monitoring of social media governance guidelines. James Cella, President, SiteQuest technologies, technology partner for SunGard’s Protegent Social Media Surveillance, has heard many stories from clients about guidelines being accidentally or intentionally abused or ignored. “One of our clients was a broker/dealer that had two clear policies in place,” he says. “The policies were: 1) if a rep has their own website then changes made to that site had to be run past the Compliance team; and 2) no social media was allowed. Then the company discovered that one of their advisors had in fact been encouraging people, via his constantly-changing website, to follow him on Twitter. Our application could have taken care of both of these issues as it not only monitors social media but also specific websites.” Despite the negative stories, Cella says the greatest risk in social media comes from not being involved. “The risk of not getting involved is threefold,” he says. “Firstly, if an organisation is competing for some of the top representatives out there, especially in finance, having best-practice social media attracts them. Second, there is great relevance that comes with being on the cutting edge of technology. You can be seen as one of the have-nots if you’re not involved in social media. And finally, there’s a risk of not having control over your brand and your reputation. Social media allows you to control or amplify your message.” Phil Vasic, Regional Director at internet security technology company Clearswift, says more and more organisations are locking staff out of social media rather than encouraging them to exploit its capabilities. The company’s recent Worklife Web 2011 report said that within many organisations there is a blurring of the line between personal and professional use of social media. It’s an obvious case of a lack of clear guidelines from the governance team. “Blocking social media is not really the way to go as it eventually blocks business,” Vasic says. “A thorough acceptable-usage policy and clear communication of that policy is usually all that is needed to manage the issue. Once that is in place there is technology, such as that produced by our own company, to help the Compliance team manage the process. The major areas of risk in social media, Vasic says, are unfavourable information about a company being posted by a staff member, data- leakage in the form of business-critical information being posted via social media, and reputational damage via a disconnect between social media use for work and for personal purposes. “Employers are expected to work and be available at all hours - that’s what smartphones are all about,” Vasic says. “So of course there will be a blurring of the lines as work time merges with personal time. Clearly communicated governance in the form of guidelines and processes is essential.” Love it or hate it, social media is a necessary ingredient in the recipe for future business success. Think about it this way: at some time or other personal computers, mobile phones, email and spreadsheets have all been banned from offices, but they are all now vital parts of business. So too is social media. A well-crafted and thoroughly communicated policy document, including specific roles and responsibilities, checkpoints and filters, is all that is needed to begin the journey to towards successful customer engagement. X
GRC Summer 2012