Date post: | 16-Jan-2016 |
Category: |
Documents |
Upload: | aubrey-mccarthy |
View: | 214 times |
Download: | 0 times |
Managing Enterprisewide Social Media Risks
May 18, 2011Net.Finance 2011
Palmer House Hilton Hotel
Jesse TorresPan American Bank, Los Angeles, CA
www.PanAmericanBank.us
2
Social Media is Everywhere!
Facebook: Over 500 million worldwide active users.
Twitter: Over 155 million tweets per day.
LinkedIn: Over 100 million professionals subscribed.
Blogs: Hundreds of millions in English.
3
And everyone is Connected!
4
Social Media is No Longer Just Fun and Games
5
Social Media Can Be No Fun At All
6
Social Media Happens!
During the work dayDuring the sermonDuring highly
informative conference presentations
We cannot control what is uncontrollable.
We must adapt to the new reality.
7
Social Media Brings Risk
8
Social Media Risks Are People Risks
9
People Risks are the WORST Kind of Risks
10
What Can We Do?
11
What Else Can We Do?
12
Be Prepared!
13
Identifying the Risks
Social media-related risks are not technology risks.
It is the “social” in social media that creates the risks.
For organizations, social media risks can be classified into three types (Human Resource Risk Model):Pre-Employment RisksEmployment RisksTermination Risks
14
Pre-Employment RisksThese risks involve the use
of social media during the application phase. Generally this involves the review of social media sites as part of screening process.
Restricted only to information publicly available?
Consideration only of “permissible” information?
Organization may fail to hire a future star performer due to some “unusual” or “quirky” information found.
15
Employment RisksThese risks involve the employee’s use
of social media during company and personal time.
Employee access to social media during the workday. Loss of productivity Liability related to employee comments
(includes regulatory risks) Disclosure of confidential information
(customer and company information) Malware infections
Employee access to social media during personal time. Liability related to employee comments
(includes regulatory risks) Disclosure of confidential information
16
Termination RisksThese risks involve the termination
of employees for inappropriate use of social media and related activities.
Compliance with National Labor Relations Act and related state laws.
Compliance with Federal Stored Communications Act and related state laws.
Compliance with policy statements and organizations norms.
Compliance with other related laws, rules and regulations.
17
Enterprisewide Risk Mitigation
Plan/StrategyPolicyTrainingRisk AssessmentAudit
18
Step One – Determine StrategyHow does/will the organization use social media?
Brand Awareness/MarketingBusiness Development/SalesCustomer RetentionCommunity OutreachCustomer ServiceEtc.
At a minimum, organizations should be “listening” to what is being said about the organization (Google Alerts, SocialMention, etc.).
19
Step Two – Create a PolicyProvides baseline knowledge to all employees regarding
social media and its acceptable range of uses.Informs employees in a formal written manner of the
“ground rules” regarding the use of social media.Provides a list of “Do Nots!” – things that under any
circumstance employees should do not do (e.g., use of profanity, disclosure of employee or customer personal information, etc.).
Formal written guidance ensures that everyone involved in social media activities acts in a consistent manner that works to enhance the company’s brand.
Strong social media policies allow companies to unleash its cadre of social media-savvy employees, creating greater exposure and opportunities.
20
10 Guidelines for Crafting a Policy1) Provide the policy to EVERYONE.2) Make the policy a living, breathing document.3) Monitor others’ social media failures and successes as well as
evolution.4) Make the policy broad in application.5) Disclaim when possible.6) Remind employees that they are Brand Ambassadors. 7) Be honest and transparent but also confidential.8) Give employees leeway to respond in their own voice.9) If necessary, consider invoking a social media review process.10) Experiment and Have Fun.
Download “Creating An Ironclad Social Media Policy” at
http://bit.ly/smpolicyguide
21
Step Three – Train the StaffWhy create a strategy and
policy if you are not going to train employees on how to implement it properly.
Employees want to do the right thing. Show them the way!
Trained staff can be unleashed on the social media universe to evangelize on behalf of the organization. Staff that is not trained will continue to stick things up their noses.
22
Step Four – Conduct a Risk AssessmentRegulators and auditors treat social media
as a service. Any new service must have a risk assessment completed.
The organization’s internal auditors are best suited to conduct the risk assessment.
23
Step Five – Audit the ResultsInclude social media components as part of
the regular audit calendar. Social media page content reviewed as part of
regulatory compliance review (advertising regs, broker/dealer regs, infosec regs, etc.).
Social media background checks as part of human resources audit.
Etc.
The completed risk assessment (Step Four) will provide the auditors with the information needed to plan the audits.
24
Shameless PlugHuman Resources Guide to Social Media
Risks
25
Questions
26
Contact InfoJesse TorresPresident & CEOPan American Bank(323) [email protected]
Download this presentation at: http://bit.ly/socialmedia2011-05-18