I felt it best to answer Anjuan’s statement of, ” CIO’s Should Own The Corporate Social Media Policy? ” here rather than on FaceBook, I’ve added a few other comments to. Anjuan touches on so many nerve endings in his article that I couldn’t bring myself to keep it short. : )
On the surface it would appear the CIO is a great candidate to be the owner of a Social Media Policy, but only on the surface. A few of the questions to be asking before assigning this responsibility are, who is responsible for crafting the consistent message of the organization? How is that message integrated into all communications, and who is responsible for executing it? Who is responsible for the metrics and tracking them? Who is responsible for the role of listening to who is saying what about an organization? I suspect not the CIO.
The CIO does own the Acceptable use or Internet Policy, so a Social Media Policy really isn’t necassary. This policy may be touched upon in a Non-Disclosure Agreement and or Code of Conduct document all staff must sign when hired. But not likely. Begging the question, isn’t that an HR responsibility?
Anyway, In the example of a Virus entering the organizations network via Facebook or any other Internet source is not a Social Media Policy issue. It’s not even an Internet Policy or Acceptable use policy issue, that would be assigning responsibility to the wrong place. It is however a security issue which is handled by the I.T. Manager’s Security & Network Administrator’s. It is already assumed that these virus attacks are going to happen and are common place anyway, the CIO only wants to know that the I.T. Manager’s Security & Network personal are looking after this problem before it happens. (That’s an assumption of course)
The CIO should however, recommend to Upper Executives a Social Media Team be formed and that they are in compliance with the Internet & Acceptable Use Policy. This team resides within the Marketing / PR Departments, not I.T. The Policy Monitoring should be entrusted to all Executives / Managers / Department Heads. To be completely honest, as a former CIO I wouldn’t want that job for all the tea in China; I am more interested in more high level issues, like where technology is going, how and what do we use it for, how does technology help us meet company goals, not worrying about violator’s & monitoring chatter.
The Tools: Again, as long as all departments and or staff follows the Internet & Acceptable Use Policy, I don’t care which tools they use. The department head’s might care, but I don’t. The role of the CIO is not to police or babysit, it is to ensure that the IT department is doing what the organization needs purely from a technical perspective. HR can monitor the Internet Policy as it’s probably packaged with the NDA and Code of Conduct anyway. I.T. will have monitoring software that can spit out reports for HR if needed, HR can then deal with the violating staff person and inform the head of I.T., NOT the CIO, unless a crime has been committed.
When it’s all said and done, the CIO is responsible for the technology needs of the organization and to see that technology align’s with the organizations business processes (needs). He is also tasked with educating executives and the organization as a whole on new technologies that may be of value or are being implemented. They may make a direct improvement to the bottom line or automate an existing process. Assuming the CIO get’s involved in the details or the tasks his Manger’s should be handling would be poor use of the CIO’s time.
The Internet Policy & Acceptable Use Policy will already have covered the Social Media aspect of the Internet, Social Media is not new, Instant Messaging and Blogging forced organizations to address these types environments years ago. What you say on the Internet could be a violation of the company Code of Conduct, NDA, Internet & Acceptable Use Policy.
I hope this helps, and I hope it makes you ask more questions, I love a good debate now and then, some of us will agree and many
will disagree but that’s OK. Thanks Anjuan for getting it started. Anjuan, you are on the right track, but remember, Social Media
is about giving up control and embracing ambiguity and sharing. Social Media is also the new CRM (Customer Relations Management). A seperate Policy for Social Media will be confusing and overlap the above mentioned Policy’s.
So, should CIO’s own the corporate Social Media Policy? My answer is….No.