Many companies are not familiar with the many risks Social Media present big and large companies. Last year I created a presentation on Corporate Social Media Guidelines and how to mitigate risks.

One of the topics where I have not seen any improvement has been in seeing policies and procedures revised to reflect better the current risks that every company is facing.

Like most companies when it comes to policies they create them to keep the auditor or  regulators happy. However being an IT Auditor many years and still holding the Certified Information Systems Auditor “CISA” Certification to serve to a few long term clients I have seen how many companies can get away with it.

Regarding policies around Social Media I see how every day more companies have their hands tied when they are confronted with an employee or company representative misuses Social Media.

Many Social Media Policies

The first thing you have to understand before creating a First Line of Defense with Social Media is the concept of the multiple policies that need to be created to integrate with your environment. A list of the multiple policies that should be part of your 1st Line of Defense which I found at Social Media Explorer :

Employee Code of Conduct for

• Online Communications
• Company Representation in Online Communications

Employee

• Blogging Disclosure Policy
• Facebook Usage Policy
• Personal Blog Policy
• Personal Social Network Policy
• Personal Twitter Policy
• LinkedIn Policy

Corporate

• Blogging Policy
• Blog Use Policy
• Blog Post Approval Process
• Blog Commenting Policy
• Facebook Brand Page Usage Policy
• Facebook Public Comment/Messaging Policy
• Twitter Account Policy
• YouTube Policy
• YouTube Public Comment Policy

Company Password Policy

I hope this list can serve as a guide for many and can be elaborated. I will be touching each and every policy in the next few posts so there can be more detail.

Is there one set of policies you have questions with?

Do you know of other policies you might need or have created?