Social Media Governance

Revision as of 05:44, 7 January 2019 by User (talk | contribs) (Social Media Governance is about understanding the risks which social media poses to your organisation and having confidence that you are appropriately managing them.)

Social Media Governance is about understanding the risks which social media poses to your organisation and having confidence that you are appropriately managing them. Use of social media by people and organisations is increasing rapidly and the potential benefits of a successful social media strategy are significant. But, providing the freedom of a social media experience within sensible and easy to understand boundaries is the new challenge. Social Media Governance is less about systems and platforms and more about people, risk and strategy. A well implemented Social Media Governance strategy should make sure that you are managing the risks of social media while at the same time getting the benefits, through a proper scheme of guidance, training and monitoring.[1]

Elements of Social Media Governance Model[2]
Here are the 5 key elements of a solid social media governance model:

  • Definition of Scope: This sounds so basic but it is critical that you define what is and isn't covered by your governance model. Be sure to call out the specific social channels along with the policies and guidelines that relate to each of them. Depending on business and organizational needs, some companies may decide to have a common governance model for their internal and external customer-facing communities, while others may decide to keep the two separate. So it's essential to call out which ones are included to provide clarity to your employees.
  • Frequency & Process for Updates: Given that social media is evolving at the pace of light, your governance model will need regular review and update. Make sure you define the frequency of updates and the process for those updates. This will ensure that your governance model is not outdated and provides clarity on how the updates are made. If you want employee participation in the review (highly recommended), make sure you call it out along with details on when and how to provide input.
  • Branding Guidelines: For a large company, the broad variety of social media channels makes it imperative to clearly call out the branding guidelines for your external channels. The same principles that govern the design of all your external-facing communications such as website, collateral, etc. should be applied to official social channels. This would include, but not limited to, branded templates for your social channels like Twitter, social sharing & follow icons, as well as the use of company logo and related elements on external-facing channels.
  • Training & Education: A solid governance model should have plenty of educational resources for employees. This should include training on responding to customer feedback, both positive and negative. Typically, it's the customer support and PR organizations that are tasked with the responsibility of responding to customer feedback. However, social media is breaking down the traditional boundaries and depending on your company's social media engagement policy, it could be a marketing or salesperson who is having to respond to a customer query. So it's essential to have training as a cornerstone of your social media governance model.
  • Approval Processes & Continuity Planning: Your governance model should clearly call out what approval processes are in place for employees to engage in social media. It should answer questions such as: Can everyone participate (highly recommended) or only members of certain external-facing groups can engage via your company's social channels? What is the process for getting approval for an official account?

Components of Social Media Governance
Social Media Governance
source: Social Media Marketing

Steps to Creating Corporate Social Media Governance[3]
Social media governance is not something to be developed overnight. In fact, depending on the size of an organization, it can take years. Not only that, but social media governance is a living breathing document that will evolve over time. A working copy of social media governance should be in place sometime between the coordinating phase and the scaling & optimizing phase of the corporate social media maturity model. For the dormant and testing phases a social media policy should suffice.

  • Purpose: This section serves as the introduction for social media governance. It spells out clearly, to all stakeholders, why the document is important and what information it provides. In addition, the purpose should contain the broader goals behind the company-wide use of social media. Some broad goals could include increased public engagement, share of voice, public education, sales, customer service, etc.
  • Rules of Engagement: Also known as the code of conduct, the rules of engagement (ROE) should closely mirror existing standards of conduct prescribed by employee manuals, corporate policies, company core values and other governance. This section of the social media governance document does not go into specific details as to words and phrases which can or cannot be used, but rather focuses on general guidelines of what can and cannot be posted. This can vary based on the industry a company is in – examples could include hospitals (HIPPA), corporations (proprietary information), law firms (confidentiality), etc. Ultimately, the ROE should reaffirm the company’s code of conduct and existing media policies.
  • Processes: How specific goals, strategies and tactics are defined, conceived, deployed and tracked company-wide is the simplest way to describe this section. Are they driven by marketing, public relations, customer service, IT, sales, vendors (i.e. marketing agencies, PR firms, etc.) or some combination? How does social media information flow through the company? Who is responsible and how do they report? These are all questions that should be answered here.
  • Departmental Roles: This is an extension of the process section above. Not only does it explore the role of each department in detail, but the roles of the individuals in each department and their responsibilities and expectations. In addition, vendor’s roles, responsibilities and expectations should be spelled out here in detail.
  • Community Management: Large companies will probably need several community managers. These are the people on the social media front lines for a brand. They can be assigned by department, by social media channel or both. This section should serve as a road map and job description for community managers while defining their role, responsibility and what success looks like.
  • Escalation Practices: Brands on social media will receive many different types of posts on their blogs, accounts, walls, etc. The escalation practices section communicates to the entire organization what posts they can respond to and what posts should be pushed to a higher level. This is typically represented by some type of flow chart which describes “If that happens then do this.” A red, orange, yellow and green color system works well for escalation guidance too.
  • Crisis Communication Plan: In very rare cases a public relations nightmare can play-out on social media and traditional media. In these instances a company’s escalation policy will not work. It’s very important to coordinate this aspect of social media governance with a public relations firm if employed. There are many different ways to tackle crisis communications, but having a plan in place before it happens may help to mitigate the most negative effects. Communicating to the stakeholders their role in the plan is vital.
  • Social Media Style Guide: There are many “do’s and don’ts” in social media and each channel has its own faux pas. This is the area of social media governance which guides and educates users as to how to respond, what to post, what voice to use, tone, syntax and netiquette.
  • Legal Considerations: It’s not a bad idea to educate all stakeholders in more detail as to the legal considerations surrounding social media and brands. The ROE above should reference the information in this section. Some of the legal considerations may include contests, intellectual property (copyright and trademarks), defamation, consumer protection, privacy and others.

Social Media Governance Best Practices[4]
Interactions with social media may not always occur on a corporate network or controlled device, and more importantly the content itself is likely to be stored with a third party, such as Facebook or Twitter. This means current corporate policies may not extend to social media—a dynamic that represents the first recommended best practice:

  • Best Practice #1: Employ solutions that have the ability to capture additional approval on a site-by-site basis, to verify assent for capturing and monitoring. Since individuals may interact with social media outside corporate networks with each site representing a different set of relationships and entities which probably do not include the supervising corporation, assent for each account or site captured/monitored is appropriate. This practice minimizes the risk that employees may later claim a particular site was outside the scope of any agreement, or potential claims from third-parties that may have had content captured without authorization from at least one party. (At this point there is limited guidance on whether third parties must assent to monitoring or capture of social media, either the site owner itself or third-parties posting to that site. This is an area of law that will likely remain unsettled for some time.)
  • Best Practice #2: Wherever possible, create separate business identities for social media to minimize capture of personal or private information. Capturing inherently personal or private content rarely provides value to an organization. In fact, for most businesses, it would likely create new risks or obligations. Perhaps the most compelling reasons for organizations to carefully consider methods for capturing interactions are the duties it assumes once in possession. At the very least, organizations that are intentionally capturing interactions, or are likely to include interactions that could contain personal or private information, will be required to appropriately protect that information according to a variety of obligations. In general, when viewed in the context of what organizations are compelled to govern in social media, most firms will find that maintaining a business identity that is separate from purely personal interactions is best for employees and the firm itself. Some will argue that employees can subvert organizational policies by using non-authorized accounts for business interactions, and that is true. However, it is no different than it is today with personal email accounts over which organizations rarely have controls. If employees are intent on undermining governance mechanisms they will be creating unregistered identities regardless.
  • Best Practice #3: Prepare to deploy solutions that can govern the three primary categories of interactions. Most regulated organizations are taking a measured approach to social media and starting with a limited number of employees and approved social media sites. In the near-term, this means that organizations may appropriately focus on certain categories of models or capture methods. In the long-term, firms should become familiar with the different ways employees may interact with social media, and options to govern the full breadth.
    • Inside-Based Interactions: These interactions with social media sites arise from within a corporate network, or on a corporate-controlled device. This allows an organization options to capture or control interactions on the device itself, or at the network layer. It also allows for the potential to capture social media interactions without assent or approval of employees, assuming policies already exist that cover monitoring or collecting information stored or transmitted on corporate devices and networks.
    • Moderated Interactions:These interactions occur on corporate-maintained social media sites such as a corporate Facebook or Twitter account. In this instance, the organization itself is in essence the “owner” of the page and associated interactions. Specific individuals may exercise control on behalf of the firm, and these employees are presumably doing so with full knowledge of the organization. This category grants to the organization, as opposed to employees directly, the right to establish governance mechanisms.
    • Outside-Based Interactions: These interactions occur off an organization-controlled device or network. For those firms maintaining a policy that permits employees to engage in business conduct, they have two options in how these interactions can be governed and monitored: 1) Implement the capability to allow individuals to “Opt-In” or register a particular social media account. Although each site differs slightly in capture methods supported, registering the account grants the governance application the authority and credentials to see and capture content. 2) Consider solutions that can monitor aggregated feeds of publicly available information, such as Twitter feeds, public LinkedIn and Facebook sites, blogs, forums, third-party websites, and news sites. This allows firms to see if individuals are discussing their firm, their people, or their products.
  • Best Practice #4: Focus on solutions that can establish what something means, and understand how it relates to potential risk for an organization. There are few, if any, organizations today looking for more content to govern. Just capturing new types of interactions provides limited value. Where counsel can derive value is by mitigating risk and identifying insights in interactions that can help increase customer service or promote products. Given the sheer volume of potential interactions, and the fact that interactions may be very short (like a Tweet) or much more complex (like audio), solutions must possess the ability to find relevant patterns and relationships in the information. Understanding what social media interactions mean is far more important than simply capturing whatever someone can create.

See Also

IT Governance
Corporate Governance
Information Management (IM)
Enterprise Risk Management (ERM)
Resource Management
Records Management (RM)
Content Management (CM)
Enterprise Content Management (ECM)
Enterprise Data Integration (EDI)
Enterprise Information Integration (EII)
Enterprise Information Management (EIM)
Information Security Governance
Data Governance
Policy Governance
Information Governance (IG)


  1. What is Social Media Governance? PWC
  2. What are the Key Elements of Social Media Governance Model? Social Media Today
  3. 9 Steps for Creating Corporate Social Media Governance Kuno Creative
  4. Social Media Governance Best Practices ACC

Further Reading

  • Social Media Governance - Managing social media risk PwC
  • Why More Firms Need A Social Media Governance Plan Forbes
  • Social media and governance GSDRC
  • Using Social Media Governance to Protect Reputation Deloitte.WSJ
  • The Role of Cultural Intermediation in Co-creative Activities on Social Media Social Media Communication