Enterprisewide Social Media Risks

Document Sample
Enterprisewide Social Media Risks Powered By Docstoc
					               May 18, 2011
          Net.Finance 2011
 Palmer House Hilton Hotel
                       Jesse Torres
Pan American Bank, Los Angeles, CA
        www.PanAmericanBank.us
Social Media is Everywhere!

 Facebook: Over 500
  million worldwide
  active users.
 Twitter: Over 155
  million tweets per day.
 LinkedIn: Over 100
  million professionals
  subscribed.
 Blogs: Hundreds of
  millions in English.
                              2
And everyone is Connected!




                             3
Social Media is No Longer Just Fun
and Games




                                     4
Social Media Can Be No Fun At All




                                    5
Social Media Happens!

 During the work day
 During the sermon
 During highly informative
  conference presentations

 We cannot control what is
  uncontrollable.

 We must adapt to the new
  reality.

                              6
Social Media Brings Risk




                           7
Social Media Risks Are People Risks




                                      8
People Risks are the WORST Kind
of Risks




                                  9
What Can We Do?




                  10
What Else Can We Do?




                       11
Be Prepared!




               12
Identifying the Risks

 Social media-related risks are not technology risks.


 It is the “social” in social media that creates the risks.


 For organizations, social media risks can be classified
  into three types (Human Resource Risk Model):
    Pre-Employment Risks
    Employment Risks
    Termination Risks

                                                               13
Pre-Employment Risks
 These risks involve the use of
  social media during the
  application phase. Generally
  this involves the review of
  social media sites as part of
  screening process.

    Restricted only to information
     publicly available?
    Consideration only of
     “permissible” information?
    Organization may fail to hire a
     future star performer due to
     some “unusual” or “quirky”
     information found.
                                       14
Employment Risks
 These risks involve the employee’s use
  of social media during company and
  personal time.

    Employee access to social media during
    the workday.
        Loss of productivity
        Liability related to employee comments
         (includes regulatory risks)
        Disclosure of confidential information
         (customer and company information)
        Malware infections
    Employee access to social media during
    personal time.
        Liability related to employee comments
         (includes regulatory risks)
        Disclosure of confidential information
                                                  15
Termination Risks
 These risks involve the termination
  of employees for inappropriate use of
  social media and related activities.

   Compliance with National Labor
    Relations Act and related state laws.
   Compliance with Federal Stored
    Communications Act and related
    state laws.
   Compliance with policy statements
    and organizations norms.
   Compliance with other related laws,
    rules and regulations.
                                            16
Enterprisewide Risk Mitigation

 Plan/Strategy
 Policy
 Training
 Risk Assessment
 Audit




                                 17
Step One – Determine Strategy
 How does/will the organization use social media?
    Brand Awareness/Marketing
    Business Development/Sales
    Customer Retention
    Community Outreach
    Customer Service
    Etc.


 At a minimum, organizations should be “listening” to what
  is being said about the organization (Google Alerts,
  SocialMention, etc.).



                                                              18
Step Two – Create a Policy
 Provides baseline knowledge to all employees regarding social
    media and its acceptable range of uses.
   Informs employees in a formal written manner of the “ground
    rules” regarding the use of social media.
   Provides a list of “Do Nots!” – things that under any
    circumstance employees should do not do (e.g., use of profanity,
    disclosure of employee or customer personal information, etc.).
   Formal written guidance ensures that everyone involved in social
    media activities acts in a consistent manner that works to
    enhance the company’s brand.
   Strong social media policies allow companies to unleash its cadre
    of social media-savvy employees, creating greater exposure and
    opportunities.




                                                                    19
10 Guidelines for Crafting a Policy
1)    Provide the policy to EVERYONE.
2)    Make the policy a living, breathing document.
3)    Monitor others’ social media failures and successes as well as evolution.
4)    Make the policy broad in application.
5)    Disclaim when possible.
6)    Remind employees that they are Brand Ambassadors.
7)    Be honest and transparent but also confidential.
8)    Give employees leeway to respond in their own voice.
9)    If necessary, consider invoking a social media review process.
10)   Experiment and Have Fun.

Download “Creating An Ironclad Social Media Policy” at
      http://bit.ly/smpolicyguide



                                                                                  20
Step Three – Train the Staff
 Why create a strategy and
  policy if you are not going to
  train employees on how to
  implement it properly.

 Employees want to do the
  right thing. Show them the
  way!

 Trained staff can be
  unleashed on the social
  media universe to evangelize
  on behalf of the organization.
  Staff that is not trained will
  continue to stick things up
  their noses.

                                   21
Step Four – Conduct a Risk
Assessment
 Regulators and auditors treat social media as a
  service. Any new service must have a risk
  assessment completed.

 The organization’s internal auditors are best suited
  to conduct the risk assessment.




                                                     22
Step Five – Audit the Results
 Include social media components as part of the
  regular audit calendar.
       Social media page content reviewed as part of regulatory
        compliance review (advertising regs, broker/dealer regs,
        infosec regs, etc.).
       Social media background checks as part of human resources
        audit.
       Etc.

 The completed risk assessment (Step Four) will
 provide the auditors with the information needed to
 plan the audits.


                                                                    23
Shameless Plug
 Human Resources Guide to Social Media Risks




                                                24
Questions




            25
Contact Info
Jesse Torres
President & CEO
Pan American Bank
(323) 264-3310
MrJesseTorres@gmail.com

Download this presentation at:
 http://bit.ly/socialmedia2011-05-18




                                       26

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:101
posted:5/17/2011
language:English
pages:26