When was the last time you updated your corporate social media governance plan and ensured all aspects of the plan are current, effective, and well-communicated?
As we stated in our last blog post, research firms have listed risk to brand reputation as the #1 risk concern of global c-level executives, and risks arising from technology in the top 10. Social media can be an in-road for both of these risk concerns. This is why your Social Media Governance Plan is a critical part of the corporate risk program.
We know ... creating an effective corporate-wide plan can feel like a tremendous weight on your shoulders. But reacting to a social media risk event without a plan is a much bigger weight! So to help lighten the load, we're getting you started with a general direction of an effective Social Media Governance Plan.
Creating Your Social Media Governance Plan & Process
Social media governance is an ongoing process with the primary goal of mitigating risks for your company — the cyberthreats that can enter through social media and the human interactions that may harm your brand reputation. To be the most successful at this process, it is critical to have a plan in place and to work the plan. It is also critical to ensure the plan ties into the overall corporate risk program.
A governance plan has a lot of moving parts and takes a team of focused people to not only create it, but to follow the specified process to mitigate corporate risks. Having this focused team that is well-versed in the plan is the company's best defense to truly manage a risk or crisis event when it happens. Yes, that was when, and not if, it happens.
Whether you are creating your first Social Media Governance Plan or updating your current one, this outline can help you have the right conversations with the stakeholders that need to approve (and take part in) the plan. The key elements are:
Gather the Corporate Stakeholders of Social Media Governance
Review Corporate Risk Management Priorities
Review the Corporate Goals for Social Media Governance
Analyze Previous Successes, Failures, and Changes
Social Media, Employment, and Industry Law and Regulation Review
Review Corporate Social Media Policy
Social Network Participation and Risk Review
Discovery — Social Media Audit Process
Social Media Governance Process
Procedures when Risk Event Occurs
Train Employees on Social Media Governance
Monitoring Procedures to Ensure Governance
Review Cycle for Governance Plan
Of course, each industry and company has special considerations, so there may be other categories you need to address. For example, if website, blog and domain management are also managed within the same group and process, you can add review of websites, domains, and blogs for a complete web presence management process and title this plan the Web Presence Governance Plan. Be clear about your corporate needs for the plan and make sure you include what is necessary.
In this post, I will address items 1 and 2 to get you started on your social media governance planning process. Next week, we will continue stepping through the outline with examples to help you be as thorough as possible.
Corporate Stakeholders of Social Media Governance
Social media now touches just about every department of the corporation and it's important to include every stakeholder on your governance team. Your key stakeholders may be different from another corporation, depending on the adoption level of social media in a department and the risk profile of the company. Here are the representatives that may need to be included on your social media governance team:
- The Champion. Who is the person ultimately responsible for the success or failure of the social media governance process? And who communicates to the C-level about the plan?
- Social Media Governance Manager. This person is responsible for ensuring the ongoing process of the governance plan is managed, and delivers status reports to the team throughout the year.
- Marketing/PR representative. This is the team member that understands the brand standards and the voice of the brand(s) intimately. If you have a very large brand portfolio, you may have multiple people representing this area of responsibility.
- IT representative. This person contributes cyber-security and technology risk knowledge and management.
- Risk representative. This person may report to the Financial department or Legal department (wherever risk responsibility resides). The person should be very familiar with the corporate risk program and the priorities of risk management for the company.
- Sales Representative. If sales employees are active on social media, then this representative is important.
- Customer Support representative. Crises often stem from dissatisfied customers posting on social media and customer support is often the front line of this channel .
- HR representative. Since policy and certain types of employee communication is disseminated via HR, an HR person may be an important member of the team.
- Legal representative. This person understands the laws around social media governance and the risk concerns about your company's intellectual property. They are also critical in understanding the best course of action in many risk events.
All of these stakeholders are important to ensure that the aspects of risk in a specific area are presented and managed. When a risk event does occur, each representative on this team should be responsible for implementing the plan's procedures in their department, as well as contribute new ideas to strengthen governance in their area as new information or opportunities arise.
Corporate Risk Management Priorities
As stated in our last post, the greatest risk concern of most CEOs is the risk to reputation….but find out what the specific risk concerns are for your company. While you are at it, see if there are projections for the next three years so you can make your governance plan span longer than a 12-month period. If you are in a regulated company, the primary risk concern may likely be the risk of non-compliance to regulation, so confirming the risks that your C-level executives prioritize is critical to get the best social media governance plan in place.
To start the ball rolling, however, the following risks are likely concerns for your company. For each risk, begin thinking how it might stem from, or play out on, social media.
- Risk to Brand Reputation. This can come about from a disgruntled customer, a terminated employee or consultant, a defective product, or any number of avenues. Theses types of examples are the more common scenarios that people think of when considering corporate social media risk management.
- Technology or Cyberthreat. Hacks are certainly the largest concern, and a hack can take many forms. What type of hack do you need to guard against and be prepared to address? Start with internal security by determining how social media passwords will be governed. Some of our customers centralize password management in the IT department using products such as LastPass. Technology advances (or new services) can also present interesting threats. Take for example the expansion of the gTLD extensions. If you are in the wine business, you should be jumping on the new .wine and .vin extensions for your brand names to preserve your IP and digital brand ownership.what new extension effect your business and have you secured the domain to prevent someone squatting on your brand? The same would be true every time a new social network comes on the market and starts to take off. So a review of new technologies around domains and new social networks is a good idea at this time.
- IP Risks. Brand-jacking or counterfeit sites are fairly common, especially around luxury goods. These can be real risks to your IP (Intellectual Property) such as your trade names, not to mention the loss to company revenue. But brand squatting can also be an IP risk; have you secured your trademarks and tradenames with every social media network? What about industry-specific networks (such as Zillow, Trulia, Houzz, Lender 411, etc., if your company is in the real estate or mortgage industry)?
- Regulatory and Compliance Risks. This is especially true in regulated industries. Become familiar with all the laws and regulations that apply to your business.
- Natural Disasters. If you are in a business that can be effected by natural disasters, this is an important risk to consider. How will you support the company and your customers via social media should a natural disaster occur. This is certainly a high priority for insurance companies.
- Global Financial Impact. How would a global financial event impact your company and how would that be a concern on social media for your company. If you are in the financial industry, this is a real risk as customer fears about money losses can exacerbate comments on social.
There are many other risks to a company such as Competition, Attracting Talent, Property Damage, and more.
Understanding the specific risks to your company and considering how they may (or may not) belong in a social media governance strategy session is an important step to ensuring your Social Media Governance Plan is aligned with the general corporate risk management strategy.
Our next post will continue explaining the outline for an effective Social Media Governance Plan for your company, including the first steps to prepare for a social media audit. The outline listed above can help you gather information to get started.
Remember, the primary goal is to manage the risks to the company and the brands and secondarily to strengthen your brand reputation using sound governance. Keeping this in mind as you develop or update your plan will be the best way to have a successful governance program!
If you'd like to read about a Brandle social media audit case study and why this work is important, take a look at our Enterprise Web Presence Audit Case Study. This white paper will help you prepare for your own audit.