CIO challenge – how to manage the social media risks
CIOs are faced with new social media risks. Analysts are predicting that by 2016 as many as 40 percent of all organizations will utilize social media as a customer service channel. With that in mind CIOs need to be aware that their organization’s reputation can quickly be damaged through the instant spread of bad news or a negative incident via social media.
It only takes one disgruntled customer to take to Twitter, You Tube or Facebook and the results can be costly. Even worse, damage can be done by a disgruntled employee with access to corporate social media accounts and a determination to discredit the company.
The issue faced by enterprises of all sizes is ensuring that the right message is being communicated in a consistent manner. The first step in achieving this objective is to have a uniform social network policy.
The Social Networking Policy Template is the right tool for this task. With it you can successfully manage and control your employees’ activity that are related to your enterprise.
Risk management rules apply
Traditional risk assessment rules apply to managing social media – identify, record and mitigate risk. So, while there is no doubt that social media will continue to be a risk, by implementing sound processes and procedures supported by an enterprise control platform risk managers should still be able to sleep soundly at night.
The processes to follow are:
The first step is to identify potential risks, in the case of social media these include:
- Employees sharing confidential information;
- Loss of control or ownership of the organization’s social media accounts;
- Careless posting by employees: accidental or deliberate;
- Employees defaming their employer on personal profiles;
- Failing to respond to negative posts or responding in an inappropriate manner;
- Failing to listen to the social web or the right conversations;
- Not sharing best practice;
- Being unaware of who is listening to which conversations and responding on behalf of the organization.
A lack of attention to detail in terms of knowing how usernames and passwords are being shared means that in the event of something going wrong no-one is accountable or traceable for posting the offending content. The lack of an audit trail makes it difficult to identify who and why a damaging internal post has appeared. Likewise, is it clear who is responsible for replying to external negative comments and in what tone? Adding fuel to the flames can make matters worse but if the source of that fuel cannot be identified steps to call a halt and correct the situation will take precious time.
Document and manage
Document and manage potential social media risks in order to implement a control platform that works seamlessly across the entire organization.
Step three: mitigation
Mitigation is the third step when it comes to the control of social media risk. In the event of the worst happening social media channels should be kept open and readers kept informed as to what is being done to remedy the situation. Openness and clarity are essential. In the event of the crisis having been created internally, audit trails and validation will soon identify the source and allow the necessary actions to be taken. If the crisis was as a result of an external source, the right people required to respond will be alerted and the appropriate reaction documented.