Do you think policy is the only way to manage social media risk?

Phil leads our Social Media Governance service

You may be excused for thinking that Social Media Governance is just about having a Social Media Policy. Of course, policy is one essential element of any good governance strategy, however, there are 5 other, equally important elements to help you manage the risks of social media. In this article I will introduce each element and pull out some key points.

Social Strategy

You may at first wonder why this is important when it comes to governance. Without a clear understanding of your objectives for social media, it becomes hard to implement controls which will allow you to meet your goals while at the same time managing risk. For example, you may design a strategy to engage and motivate a group of advocates and reverse-mentors who can help ensure good practice is embraced throughout your organisation.

Social Governance

Social Media needs an owner. I’ve seen it work well when a board member takes overall responsibility for social media and when roles and responsibilities for day-to-day social media activities are clearly defined. Decision making becomes difficult without clear ownership. For example, who should be responding to an abusive message? How should they respond and who owns the process? Who approves the latest changes to the policy? The social media owners should own the documents and processes. The social media owners should take responsibility for monitoring social media and providing metrics back to the business to track performance and return on investment.



Social Resilience & Crisis Management

Want to avoid being the next example of a spectacular social media #fail? To do this, you need to act now! You need effective processes in place which will first alert you to an incident and then help you respond quickly and effectively. By having effective processes in place for handling abuse or responding to a hacked account, for example, you are far more likely to successfully manage an incident when it arises. Note the deliberate use of “when”…

Data Privacy & Control

Data Privacy and Protection is an important point which should not be overlooked, especially when it comes to Enterprise Social. Keeping confidential data confidential is vital for all organisations. Knowing where your data is located and how it moves across your network is also important to ensure that you adhere to data privacy and protection legislation around the world. In terms of control, this is where it can get tricky as we’re trying to control something that many see as uncontrollable. However, there are controls which can be implemented to help manage risk. The use of a social media management system, for example, could be mandated for traditional social media accounts such as Twitter. If configured correctly, each user will have their own login meaning that there will be no need for the actually social media account password to be shared among those who need access to a particular account. Managing your account access in this way makes it harder for a malicious outsider to obtain the login details. Some social media management systems can even be configured to filter out profanities or specific words to avoid libel or defamation.

Regulatory Compliance

The issue of regulatory compliance isn’t just one for your legal and compliance team, the social media team need to understand how regulatory issues impact social media. Granted, some industries are more highly regulated than others, but regardless of your industry, you need to be aware of the issues that affect you. Do you understand when you need to use #ad or #spon in your posts for example? Could your next post be inappropriately disclosing market sensitive information? Nevertheless, doing the right thing for your organisation, your people and those outside of your organisation will help you build trust – a key component of successful social media management.

And of course, I couldn’t finish this article without talking about policy itself, so…

Social Media Policy

Social Media changes rapidly and it’s therefore important to have a well-written, clear, concise and an up-to-date policy which is regularly reviewed. I would stay away from pages and pages of policy, instead, write a policy which encourages positive behaviours in social media. Consider referencing other policies such as your acceptable use or code of conduct when a more detailed explanation is required.

Policy Awareness and Training

Finally, there’s no point in having an excellent policy if nobody knows where to find it or even knows it exists in the first place! Ensuring that the policy is readily accessible is important to ensure that users can find it when they need it. You also need to ensure that appropriate training is available that emphasises the key points in the policy. Advocates, champions and reverse-mentors are a good way of making sure the best practices from the policy filter through your organisation, as referenced above.

Of course, this isn’t a blueprint for a one-size-fits-all social media governance strategy and some elements will be more or less relevant to each organisation. Hopefully this article will help you think about the key elements which need to be considered when thinking about Social Media Governance and bring you closer to effectively managing the risks of Social Media.