Thursday, March 8, 2012

Social Media Governance Management Plan

John Kyriazoglou*

Social media is fast becoming a way of life for hundreds of millions of private individuals as well as people working in organizations, all the over the world, to exchange and share all types of information (data, voice, text, video, film, music, pictures, etc.) about themselves for personal or business reasons. Social media (Facebook, MySpace, LinkedIn, YouTube, Twitter, etc.) are fundamentally changing how many private companies, multi-national enterprises, not-for-profit and public organizations handle communication, both internally and externally.

It makes good business sense to embrace all aspects of social networking so that businesses bring their customers closer to them and improve brand acceptability and experience.

While the services provided by social media have advantages (see more details: (1) ‘Realizing the Value of Social Media Requires Innovative Computing Research’, Ben Shneiderman, Jennifer Preece, Peter Pirolli, Communications of the ACM, Vol. 54 No. 9, Pages 34-37
10.1145/1995376.1995389, (2)
The True Value of Social Media’,, and (3) the article by Amy Porterfield:,

they also pose several risks to businesses, such as: destroying corporate data, spreading false information, data theft, data disclosure, malware infection, copyright infringement, unregulated communication of confidential information, etc. It makes therefore, good corporate sense for every organization and its management, before their people use social media for business or private purposes to develop and implement the required controls.

The following management action plan provides an example of what controls might be required. It is probably best and highly recommended that this should be customized to your purposes, in order for this to suit your corporate environment and socio-economic setting:
1. Select and appoint a Social Media Governance Officer.

2. Develop a social media strategy: establish a social vision of the organization, identify your corporate social media objectives, do a risk assessment (threats, vulnerabilities, likelihoods, impacts), select social media and web-sites, assign roles and responsibilities, obtain legal support, study the cultural impact of social media to the organization, establish a set of business processes to support the social vision of the organization with relevant targets and guidelines and 3. Select content, and manage content to be uploaded.

4. Define social media processes and rules of engagement. Align offline with online content, ethics, and communication processes.

5. Develop and implement an appropriate mix of procedures and guidelines, considering the ethics code, confidentiality and privacy issues, and the regulatory framework in which the organization operates.

6. Develop and implement the appropriate administrative and IT technical controls.

7. Develop and implement a crisis communication policy, including escalation practices and legal considerations.

8. Educate and train staff on how to behave and what to do.

9. Manage any issues related to 'incorrect' content added to their social media pages.

10. Develop and implement an appropriate monitoring, reporting and review framework.

*Author’s Credentials

John Kyriazoglou, CICA, B.A(Hon-University of Tororonto), is an International IT and Management Consultant, author of the book ‘IT STRATEGIC & OPERATIONAL CONTROLS’ (published in 2010 by, and co-author of the book CORPORATE CONTROLS’ ( to be published in 2012 by, with Dr. F. Nasuti and Dr. C. Kyriazoglou.

No comments:

Post a Comment