Top 10 Best Practices
Best Practices – Reputational risk is the exposure that your company will lose potential or existing business because its trustworthiness has been called into question. A recent study placed economic values on their corporate brand or reputation ranging from less than US$1 million to more than US$10 billion, with the average coming in at US$1.56 billion.
Most major enterprises assign high value to corporate reputation and its protection that their annual reports contain special sections dealing with this topic. With today’s widespread use of social media and other sources of instant news and communication, a company’s reputation has never been more vulnerable
Janco has found a these 10 best practices in organizations that were most confident in their ability to prevent and mitigate IT-related reputational risk
- Have a central focal point for all issues associated with reputation management. Ultimate responsibility for reputational risk, including IT-related items, should rest with one person
- Conduct frequent reputation risk assessments. Risks change all the time and companies need to understand what “new” ones can impact them
- Have an incident communication and response process in place. Once an event occurs it is too late to think about how to respond, have a plan and responsibilities in place so you can be proactive
- Consolidate compliance management and reputation management activities. Measuring reputational and IT risk management strategies against compliance requirements is essential.
- Have a social media policy in place. Establishing the “rules of the road” is a first step in ensuring that the risk to the reputation of the enterprise’s is minimized
- Understand the impact of social media on the organization’s reputation. In addition to recognizing its potential for negative reputational impact, social media should be leveraged for its positive attributes.
- Monitor your supply chain to see how your organization is viewed by everyone at every level. Organizations must require and verify adherence of third-party suppliers to corporate standards.
- Do not assume everything is okay. Organizations should continually evaluate reputational and IT risk management results against strategy to find and eliminate potential gaps.
- Invest in programs that minimize risk – invest in prevention. For optimal reputational risk mitigation, companies need to fund critical IT systems as part of their core business.
- Communicate to everyone that reputation is important to the organization. After an event get back to suppliers, customers, “potential” customers, employees and other as quickly as possible to show that the organization places a high degree of importance to its reputation.