Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Why social media is moving up the risk register and why risk managers should be worried

By James Leavesley.

Social media is here to stay with some analysts predicting that by 2016 as many as 40 percent of enterprises will utilize social media as a customer service channel. So why should this worry risk managers? Surely social media is the responsibility of the marketing department and aren’t there policies and procedures in place to prevent anything from going wrong? Think again.

An organization’s reputation can quickly be damaged through the instant spread of bad news or a negative incident via social media. Gone are the days when public affairs departments had time to consider statements to be released to the press, traditional media and customers in the event of a crisis happening. In fact a crisis can even begin on social media. It only takes one disgruntled customer to take to Twitter, You Tube or Facebook and the results can be costly. Even worse, damage can be done by a disgruntled employee with access to corporate social media accounts and a determination to discredit the company.

Regular risk management rules apply

In common with any risky situation normal risk assessment rules apply to managing social media – identify, record and mitigate risk. But how can this be achieved with an inherently disparate and very individual communication channel?

Step one: identification

The first step is to identify potential risks, in the case of social media these include:

  • Employees sharing confidential information;
  • Loss of control or ownership of the organization’s social media accounts;
  • Careless posting by employees: accidental or deliberate;
  • Employees defaming their employer on personal profiles;
  • Failing to respond to negative posts or responding in an inappropriate manner;
  • Failing to listen to the social web or the right conversations;
  • Not sharing best practice;
  • Being unaware of who is listening to which conversations and responding on behalf of the organization.

A lack of attention to detail in terms of knowing how usernames and passwords are being shared means that in the event of something going wrong no-one is accountable or traceable for posting the offending content. The lack of an audit trail makes it difficult to identify who and why a damaging internal post has appeared. Likewise, is it clear who is responsible for replying to external negative comments and in what tone? Adding fuel to the flames can make matters worse but if the source of that fuel cannot be identified steps to call a halt and correct the situation will take precious time.

Step two: record and manage

To record and manage potential social media risks the second step is to implement an enterprise control platform that works seamlessly across the entire organization, from marketing to customer service and operations. A single dashboard provides controlled access to an organization’s social media profiles monitoring who is authorized to make posts and the content of those posts. Individual logins only known by administrators will maintain security while greater control of abusive comments including keyword alerts (such as swear words) means content can be quickly and automatically removed.

Including a wiki area in the enterprise control platform means there is an easily accessible store for training materials, policies, guidelines and procedures. These documents can be made available to all users or specific user groups and workspaces in the event of either an internal or external risk being identified to allow a fast response.

Step three: mitigation

Mitigation is the third step when it comes to the control of social media risk. Nothing should be done in haste. In the event of the worst happening social media channels should be kept open and readers kept informed as to what is being done to remedy the situation. Openness and clarity are essential. In the event of the crisis having been created internally, audit trails and validation will soon identify the source and allow the necessary actions to be taken. If the crisis was as a result of an external source, the right people required to respond will be alerted and the appropriate reaction documented.

So, while there is no doubt that social media will continue to move up the risk register, by implementing sound processes and procedures supported by an enterprise control platform risk managers should still be able to sleep soundly at night.

The author

James Leavesley is chief executive officer, CrowdControlHQ.

CrowdControlHQ is a social media risk management and monitoring platform, which enables companies to control their social media profiles. It provides users with a platform that helps them protect passwords, moderate interactions, monitor usage and communicate across multiple accounts. www.crowdcontrolhq.com

•Date: 22nd November 2013 • UK/World •Type: Article • Topic: Enterprise risk management

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here