GRC And Social Media: Strategy For Success

Social Media
4 min read


Social media remains one of the most talked about and used phenomena in this new age digital world. Today’s tech-savvy organizations are on the constant look out for the latest social technologies that can help them gain a competitive advantage over their peers. The rise of popular social networking sites like Facebook, LinkedIn, and Twitter in the workplace has provided a big boost to the broader social media movement. In fact, an increasing number of organizations are harnessing the power of social media platforms and applications for both internal and external communications. Organizations, large and small alike, are leveraging powerful social media capabilities to share updates, curate content, and promote and showcase their products and services, as well as communicate with employees, media, partners, and their broader ecosystems.

According to the 2014 Social Media Marketing Industry Report, a significant 92% of marketers indicate that social media is important for their business, up from 86% in 2013. Nearly 89% of marketers want to know the most effective social tactics and the best ways to engage their audience with social media.

While a corporate presence on social media has become imperative for all organizations, it can also be a double-edged sword. It offers limitless opportunity for success, but if not used appropriately, it can cause irreparable disasters.

Risk Management in the Context of Social Media

While the benefits and value of social media are clear, risk management in the context of social media remains a more elusive, lesser known, and lesser understood facet. As an increasing number of organizations embrace social media tools for work-related purposes, new risks are presented. According to Gartner’s 2015 CIO Survey, 89% of CIOs agreed that the digital world engenders new, vastly different, and higher levels of risk.

According to a recent MetricStream survey report, in 70% of the surveyed organizations, the Marketing or Corporate Communications department is the core group responsible for monitoring and managing their company’s social media presence. Only 20% of organizations have actively involved their Governance, Risk Management, and Compliance (GRC) groups in social media monitoring. This poses a concern, as it indicates that companies are focusing more on the marketing aspects of social media, and not necessarily on the risks and compliance mandates surrounding it.

Effective Social Media Risk Management

Users of social media, along with the organization’s technology and broader GRC professionals, must understand the potential identity, security, compliance, and privacy threats arising from social media, so that they can design and implement the most efficient and effective risk mitigation and management strategies. All risks must be defined, analyzed, assessed, monitored, and managed as part of the organization’s overall GRC strategy.

Predictive analytics-driven systems can help organizations gain a better understanding of the risk landscape and all potential risks. Nearly 60% of the financial services companies who participated in the Deloitte 2014 Global Survey on Reputation Risk indicated that they invest heavily in monitoring various data sources, including traditional and social media data sources. Citing the sheer volume of social media channels and the number of ways people have the potential to use those channels to destroy shareholder value, Gartner Research Director John Wheeler writes that organizations can tackle these challenges by developing clear social media policies and training for employees, establishing a social media risk management function, and providing adequate technology capabilities to support social media risk management.

Turning to Technology

Today’s latest GRC technology platforms and solutions can provide comprehensive compliance frameworks that support real-time identification of content and conversations across social networks, with the capability to integrate “big social media data” into the organization’s existing compliance infrastructure. Cross functional teams including IT, Marketing, Audit, Risk, Compliance, IT, Sales, HR, and legal professionals must all understand the role they play in this ecosystem, and put the right controls in place to regulate the ways in which the organization communicates socially with employees, partners, investors, the media, customers, and the public at large via social media.
Keep in mind, social media conversations are not always happening solely on organizations’ own pages, but also elsewhere on blogs, forums, and other individual and company pages. Organizations will continue to be challenged when it comes to identifying all of the accounts and pages that should be monitored on a continuous basis. Given the rapid emergence of new sites, pages, and hash tags, the process of defining the scope and methodology of social media monitoring will only become more complex.

In today’s mobile world, employees and organizations at large have an incredible toolkit to share information at lightning speed. As social media usage and adoption continues to rapidly grow across all levels of the organization, technology providers must step up to the plate. With the help of the latest GRC technologies that leverage natural language processing and big data analytics, organizations can be equipped and empowered to effectively monitor and govern social media. The right teams, the right technologies, and the right strategies can help create a truly harmonized approach to social media risk management in a way that ensures adherence to regulatory, legal, and compliance requirements, while guiding risk management, and protecting the corporate brand and reputation.



Read more about the latest happenings in the GRC universe. MetricStream experts share their valuable insights on how organizations can turn risk into a strategic advantage and thrive on risk.