Soumettre la recherche
Mettre en ligne
Social media-assessment
•
5 j'aime
•
1,557 vues
Thilak Pathirage -Senior IT Gov and Risk Consultant
Suivre
E vluation of Social media rsk
Lire moins
Lire la suite
Médias sociaux
Signaler
Partager
Signaler
Partager
1 sur 54
Télécharger maintenant
Télécharger pour lire hors ligne
Recommandé
Social Media Assessment Workbook
Social Media Assessment Workbook
Tom Humbarger
How to conduct a social media assessment
How to conduct a social media assessment
Andrea Baker
Social Media Assessment Workbook
Social Media Assessment Workbook
Automotive Digital Marketing Professional Community
Social Media MTL Conference Ppt
Social Media MTL Conference Ppt
rajpatelplantemoran
Develop a Social Media SEO Strategy
Develop a Social Media SEO Strategy
TopRank Marketing Agency
Social Media Solutions
Social Media Solutions
Ariel Dagan
Connect with Social Media
Connect with Social Media
Mark Evangelista
Starting a social media project
Starting a social media project
Lars de Winter
Recommandé
Social Media Assessment Workbook
Social Media Assessment Workbook
Tom Humbarger
How to conduct a social media assessment
How to conduct a social media assessment
Andrea Baker
Social Media Assessment Workbook
Social Media Assessment Workbook
Automotive Digital Marketing Professional Community
Social Media MTL Conference Ppt
Social Media MTL Conference Ppt
rajpatelplantemoran
Develop a Social Media SEO Strategy
Develop a Social Media SEO Strategy
TopRank Marketing Agency
Social Media Solutions
Social Media Solutions
Ariel Dagan
Connect with Social Media
Connect with Social Media
Mark Evangelista
Starting a social media project
Starting a social media project
Lars de Winter
Social media 101
Social media 101
mollyborchers
Social Media Seminar
Social Media Seminar
Natalie
BizSoMe seminar
BizSoMe seminar
Epic States
Best Practices Social Media Marketing For Business
Best Practices Social Media Marketing For Business
Surekha Parekh
Furniture Makers Talk
Furniture Makers Talk
SocialB
Enterprise Social Media - by KME Internet Marketing of DC
Enterprise Social Media - by KME Internet Marketing of DC
KME Internet Marketing
Global Gateway Social Media Marketing
Global Gateway Social Media Marketing
theonlyelina
Social Media Assessment - How to Get Started
Social Media Assessment - How to Get Started
Walter Adamson
Social Media and Your Salesforce: Slides from 2014 IASA BootCamp+
Social Media and Your Salesforce: Slides from 2014 IASA BootCamp+
Darin Reffitt
Sb social mediaforbusiness-selectthemes2010-3nov10
Sb social mediaforbusiness-selectthemes2010-3nov10
Association Executives of North Carolina
“How Marketers are using Social Media Marketing to grow their Business”
“How Marketers are using Social Media Marketing to grow their Business”
Tamanna Satsangi
Sbs v4-130305232717-phpapp01 (1)
Sbs v4-130305232717-phpapp01 (1)
plutoone TestTwo
Public Relations by Pramit J Nathan
Public Relations by Pramit J Nathan
Pramit J. Nathan
Social media marketing from a bottom up perspective
Social media marketing from a bottom up perspective
Maxim Boiko Savenko
Stand Out SOcial Marketing - 4 Steps for a Social Marketing Audit
Stand Out SOcial Marketing - 4 Steps for a Social Marketing Audit
Mike Lewis
strategy_map_step_by_step
strategy_map_step_by_step
MidMarket Place
05.Social media strategy
05.Social media strategy
Julian Matthews
Social Media Optimization
Social Media Optimization
taylorspilak
Timo Elliott
Timo Elliott
rajshreekj
29 Must-Know Terms For Every Social Media Analyst
29 Must-Know Terms For Every Social Media Analyst
Mohamed Mahdy
Biotech Risk Webinar Presentation
Biotech Risk Webinar Presentation
Tim Salaver, MBA, PMP, CSSMBB, CSM
Relevant Media Yandex Webinar
Relevant Media Yandex Webinar
Andrew Kuzeev
Contenu connexe
Tendances
Social media 101
Social media 101
mollyborchers
Social Media Seminar
Social Media Seminar
Natalie
BizSoMe seminar
BizSoMe seminar
Epic States
Best Practices Social Media Marketing For Business
Best Practices Social Media Marketing For Business
Surekha Parekh
Furniture Makers Talk
Furniture Makers Talk
SocialB
Enterprise Social Media - by KME Internet Marketing of DC
Enterprise Social Media - by KME Internet Marketing of DC
KME Internet Marketing
Global Gateway Social Media Marketing
Global Gateway Social Media Marketing
theonlyelina
Social Media Assessment - How to Get Started
Social Media Assessment - How to Get Started
Walter Adamson
Social Media and Your Salesforce: Slides from 2014 IASA BootCamp+
Social Media and Your Salesforce: Slides from 2014 IASA BootCamp+
Darin Reffitt
Sb social mediaforbusiness-selectthemes2010-3nov10
Sb social mediaforbusiness-selectthemes2010-3nov10
Association Executives of North Carolina
“How Marketers are using Social Media Marketing to grow their Business”
“How Marketers are using Social Media Marketing to grow their Business”
Tamanna Satsangi
Sbs v4-130305232717-phpapp01 (1)
Sbs v4-130305232717-phpapp01 (1)
plutoone TestTwo
Public Relations by Pramit J Nathan
Public Relations by Pramit J Nathan
Pramit J. Nathan
Social media marketing from a bottom up perspective
Social media marketing from a bottom up perspective
Maxim Boiko Savenko
Stand Out SOcial Marketing - 4 Steps for a Social Marketing Audit
Stand Out SOcial Marketing - 4 Steps for a Social Marketing Audit
Mike Lewis
strategy_map_step_by_step
strategy_map_step_by_step
MidMarket Place
05.Social media strategy
05.Social media strategy
Julian Matthews
Social Media Optimization
Social Media Optimization
taylorspilak
Timo Elliott
Timo Elliott
rajshreekj
29 Must-Know Terms For Every Social Media Analyst
29 Must-Know Terms For Every Social Media Analyst
Mohamed Mahdy
Tendances
(20)
Social media 101
Social media 101
Social Media Seminar
Social Media Seminar
BizSoMe seminar
BizSoMe seminar
Best Practices Social Media Marketing For Business
Best Practices Social Media Marketing For Business
Furniture Makers Talk
Furniture Makers Talk
Enterprise Social Media - by KME Internet Marketing of DC
Enterprise Social Media - by KME Internet Marketing of DC
Global Gateway Social Media Marketing
Global Gateway Social Media Marketing
Social Media Assessment - How to Get Started
Social Media Assessment - How to Get Started
Social Media and Your Salesforce: Slides from 2014 IASA BootCamp+
Social Media and Your Salesforce: Slides from 2014 IASA BootCamp+
Sb social mediaforbusiness-selectthemes2010-3nov10
Sb social mediaforbusiness-selectthemes2010-3nov10
“How Marketers are using Social Media Marketing to grow their Business”
“How Marketers are using Social Media Marketing to grow their Business”
Sbs v4-130305232717-phpapp01 (1)
Sbs v4-130305232717-phpapp01 (1)
Public Relations by Pramit J Nathan
Public Relations by Pramit J Nathan
Social media marketing from a bottom up perspective
Social media marketing from a bottom up perspective
Stand Out SOcial Marketing - 4 Steps for a Social Marketing Audit
Stand Out SOcial Marketing - 4 Steps for a Social Marketing Audit
strategy_map_step_by_step
strategy_map_step_by_step
05.Social media strategy
05.Social media strategy
Social Media Optimization
Social Media Optimization
Timo Elliott
Timo Elliott
29 Must-Know Terms For Every Social Media Analyst
29 Must-Know Terms For Every Social Media Analyst
En vedette
Biotech Risk Webinar Presentation
Biotech Risk Webinar Presentation
Tim Salaver, MBA, PMP, CSSMBB, CSM
Relevant Media Yandex Webinar
Relevant Media Yandex Webinar
Andrew Kuzeev
Taco Bell Social Media Strategy
Taco Bell Social Media Strategy
Kimberly McVeigh
Social Media Assessment Case Study Citrix Webex
Social Media Assessment Case Study Citrix Webex
Society3
Sample Social media analysis/Report
Sample Social media analysis/Report
Kantinath Banerjee
Social Media Engagement is Not a Strategy
Social Media Engagement is Not a Strategy
Mark Schaefer
Social Media Strategy
Social Media Strategy
Vanina Delobelle
TOP 10 Social Media Advertising Hacks of ALL TIME
TOP 10 Social Media Advertising Hacks of ALL TIME
Internet Marketing Software - WordStream
En vedette
(8)
Biotech Risk Webinar Presentation
Biotech Risk Webinar Presentation
Relevant Media Yandex Webinar
Relevant Media Yandex Webinar
Taco Bell Social Media Strategy
Taco Bell Social Media Strategy
Social Media Assessment Case Study Citrix Webex
Social Media Assessment Case Study Citrix Webex
Sample Social media analysis/Report
Sample Social media analysis/Report
Social Media Engagement is Not a Strategy
Social Media Engagement is Not a Strategy
Social Media Strategy
Social Media Strategy
TOP 10 Social Media Advertising Hacks of ALL TIME
TOP 10 Social Media Advertising Hacks of ALL TIME
Similaire à Social media-assessment
Social Business Imperative
Social Business Imperative
Dell Social Media
Social Media in Business Communicatio n
Social Media in Business Communicatio n
Irfan.Or
Social Business Imperative Women's President Organization
Social Business Imperative Women's President Organization
Liz Bullock
Social Media 101 for the CCTB
Social Media 101 for the CCTB
hjmorris
Impact of Social Media on eCommerce Trends and Opportunities.pdf
Impact of Social Media on eCommerce Trends and Opportunities.pdf
BrainspateInfotech
Workforce 2.0 presentation to university of texas school of communications
Workforce 2.0 presentation to university of texas school of communications
Thinktwice Communications
Integrating Social Media and How To Use It
Integrating Social Media and How To Use It
Jared Roy
Social Media Public Relations (Ncfpd 2009)
Social Media Public Relations (Ncfpd 2009)
Akhil Rawat
Social Media Hands-On Workshop - Sept 2010
Social Media Hands-On Workshop - Sept 2010
Donny Shimamoto
Social Media Measurement 101
Social Media Measurement 101
aaronnewman
AAB Interactive Essentials: Social Media
AAB Interactive Essentials: Social Media
Sean Oakley
Telerx Social Media Presentation (Ext) Nov 09
Telerx Social Media Presentation (Ext) Nov 09
mle1953
Social Media To Increase Your Business At The Regional Chamber Of Commerc...
Social Media To Increase Your Business At The Regional Chamber Of Commerc...
Shashi Bellamkonda
Social Media & Freelancers Seminar
Social Media & Freelancers Seminar
Shashi Bellamkonda
Social Media To Increase Your Business At The Regional Chamber Of Commerc...
Social Media To Increase Your Business At The Regional Chamber Of Commerc...
Shashi Bellamkonda
Corporate Relations - Social media presentation
Corporate Relations - Social media presentation
LeedsMet_CR
Leveraging the Power of Social Media - For Cisco Partners
Leveraging the Power of Social Media - For Cisco Partners
SquareOne|Consulting
Social Media: Infiltrating The Enterprise
Social Media: Infiltrating The Enterprise
Jay McLaughlin
Tweet, Friend and Connect: Social Media Trends in the Insurance Industry 2
Tweet, Friend and Connect: Social Media Trends in the Insurance Industry 2
Lisa Trank
Socially Enterprising
Socially Enterprising
Jennifer Neeley Consulting
Similaire à Social media-assessment
(20)
Social Business Imperative
Social Business Imperative
Social Media in Business Communicatio n
Social Media in Business Communicatio n
Social Business Imperative Women's President Organization
Social Business Imperative Women's President Organization
Social Media 101 for the CCTB
Social Media 101 for the CCTB
Impact of Social Media on eCommerce Trends and Opportunities.pdf
Impact of Social Media on eCommerce Trends and Opportunities.pdf
Workforce 2.0 presentation to university of texas school of communications
Workforce 2.0 presentation to university of texas school of communications
Integrating Social Media and How To Use It
Integrating Social Media and How To Use It
Social Media Public Relations (Ncfpd 2009)
Social Media Public Relations (Ncfpd 2009)
Social Media Hands-On Workshop - Sept 2010
Social Media Hands-On Workshop - Sept 2010
Social Media Measurement 101
Social Media Measurement 101
AAB Interactive Essentials: Social Media
AAB Interactive Essentials: Social Media
Telerx Social Media Presentation (Ext) Nov 09
Telerx Social Media Presentation (Ext) Nov 09
Social Media To Increase Your Business At The Regional Chamber Of Commerc...
Social Media To Increase Your Business At The Regional Chamber Of Commerc...
Social Media & Freelancers Seminar
Social Media & Freelancers Seminar
Social Media To Increase Your Business At The Regional Chamber Of Commerc...
Social Media To Increase Your Business At The Regional Chamber Of Commerc...
Corporate Relations - Social media presentation
Corporate Relations - Social media presentation
Leveraging the Power of Social Media - For Cisco Partners
Leveraging the Power of Social Media - For Cisco Partners
Social Media: Infiltrating The Enterprise
Social Media: Infiltrating The Enterprise
Tweet, Friend and Connect: Social Media Trends in the Insurance Industry 2
Tweet, Friend and Connect: Social Media Trends in the Insurance Industry 2
Socially Enterprising
Socially Enterprising
Plus de Thilak Pathirage -Senior IT Gov and Risk Consultant
Cybersecurity-Audit-A-Case-Study-for-SME.pdf
Cybersecurity-Audit-A-Case-Study-for-SME.pdf
Thilak Pathirage -Senior IT Gov and Risk Consultant
ISACA Cyber-Audit-Certificate-Exam-Guide_Eng_0819.pdf
ISACA Cyber-Audit-Certificate-Exam-Guide_Eng_0819.pdf
Thilak Pathirage -Senior IT Gov and Risk Consultant
Auditing-Cybersecurity in the enterprise
Auditing-Cybersecurity in the enterprise
Thilak Pathirage -Senior IT Gov and Risk Consultant
ISACA Cybersecurity Audit course brochure
ISACA Cybersecurity Audit course brochure
Thilak Pathirage -Senior IT Gov and Risk Consultant
Capability_Assessment_of_IT_Governance_Using_the_2.pdf
Capability_Assessment_of_IT_Governance_Using_the_2.pdf
Thilak Pathirage -Senior IT Gov and Risk Consultant
cobit 2019 -current-user - ISACA Publication
cobit 2019 -current-user - ISACA Publication
Thilak Pathirage -Senior IT Gov and Risk Consultant
Introduction to ISACA COBIT-2019 Framwork.pdf
Introduction to ISACA COBIT-2019 Framwork.pdf
Thilak Pathirage -Senior IT Gov and Risk Consultant
Sql securitytesting
Sql securitytesting
Thilak Pathirage -Senior IT Gov and Risk Consultant
Cissp nda
Cissp nda
Thilak Pathirage -Senior IT Gov and Risk Consultant
Risk based it auditing for non it auditors (basics of it auditing) final 12
Risk based it auditing for non it auditors (basics of it auditing) final 12
Thilak Pathirage -Senior IT Gov and Risk Consultant
314
314
Thilak Pathirage -Senior IT Gov and Risk Consultant
Composite indicators
Composite indicators
Thilak Pathirage -Senior IT Gov and Risk Consultant
Plus de Thilak Pathirage -Senior IT Gov and Risk Consultant
(12)
Cybersecurity-Audit-A-Case-Study-for-SME.pdf
Cybersecurity-Audit-A-Case-Study-for-SME.pdf
ISACA Cyber-Audit-Certificate-Exam-Guide_Eng_0819.pdf
ISACA Cyber-Audit-Certificate-Exam-Guide_Eng_0819.pdf
Auditing-Cybersecurity in the enterprise
Auditing-Cybersecurity in the enterprise
ISACA Cybersecurity Audit course brochure
ISACA Cybersecurity Audit course brochure
Capability_Assessment_of_IT_Governance_Using_the_2.pdf
Capability_Assessment_of_IT_Governance_Using_the_2.pdf
cobit 2019 -current-user - ISACA Publication
cobit 2019 -current-user - ISACA Publication
Introduction to ISACA COBIT-2019 Framwork.pdf
Introduction to ISACA COBIT-2019 Framwork.pdf
Sql securitytesting
Sql securitytesting
Cissp nda
Cissp nda
Risk based it auditing for non it auditors (basics of it auditing) final 12
Risk based it auditing for non it auditors (basics of it auditing) final 12
314
314
Composite indicators
Composite indicators
Dernier
Call Girls In Gurgaon Dlf pHACE 2 Women Delhi ncr
Call Girls In Gurgaon Dlf pHACE 2 Women Delhi ncr
Sapana Sha
Vip Call Girls Tilak Nagar ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Tilak Nagar ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
Call Girls In Andheri East Call 9167673311 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9167673311 Book Hot And Sexy Girls
Pooja Nehwal
Russian Call Girls Rohini Sector 37 💓 Delhi 9999965857 @Sabina Modi VVIP MODE...
Russian Call Girls Rohini Sector 37 💓 Delhi 9999965857 @Sabina Modi VVIP MODE...
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
9990611130 Find & Book Russian Call Girls In Crossings Republik
9990611130 Find & Book Russian Call Girls In Crossings Republik
GenuineGirls
Your LinkedIn Makeover: Sociocosmos Presence Package
Your LinkedIn Makeover: Sociocosmos Presence Package
SocioCosmos
Ready to get noticed? Partner with Sociocosmos
Ready to get noticed? Partner with Sociocosmos
SocioCosmos
Film show post-production powerpoint for site
Film show post-production powerpoint for site
AshtonCains
Elite Class ➥8448380779▻ Call Girls In New Friends Colony Delhi NCR
Elite Class ➥8448380779▻ Call Girls In New Friends Colony Delhi NCR
Delhi Call girls
Codes and Conventions of Artists' Websites
Codes and Conventions of Artists' Websites
LukeNash7
Night 7k Call Girls Atta Market Escorts Call Me: 8448380779
Night 7k Call Girls Atta Market Escorts Call Me: 8448380779
Delhi Call girls
Unlock the power of Instagram with SocioCosmos. Start your journey towards so...
Unlock the power of Instagram with SocioCosmos. Start your journey towards so...
SocioCosmos
O9654467111 Call Girls In Dwarka Women Seeking Men
O9654467111 Call Girls In Dwarka Women Seeking Men
Sapana Sha
BDSM⚡Call Girls in Sector 76 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 76 Noida Escorts >༒8448380779 Escort Service
Delhi Call girls
CALL ON ➥8923113531 🔝Call Girls Ashiyana Colony Lucknow best sexual service O...
CALL ON ➥8923113531 🔝Call Girls Ashiyana Colony Lucknow best sexual service O...
anilsa9823
Night 7k Call Girls Noida Sector 121 Call Me: 8448380779
Night 7k Call Girls Noida Sector 121 Call Me: 8448380779
Delhi Call girls
Film show evaluation powerpoint for site
Film show evaluation powerpoint for site
AshtonCains
Call Girls In Noida Mall Of Noida O9654467111 Escorts Serviec
Call Girls In Noida Mall Of Noida O9654467111 Escorts Serviec
Sapana Sha
Social media marketing/Seo expert and digital marketing
Social media marketing/Seo expert and digital marketing
SheikhSaifAli1
Improve Your Brand in Waco with a Professional Social Media Marketing Company
Improve Your Brand in Waco with a Professional Social Media Marketing Company
WSI INTERNET PARTNER
Dernier
(20)
Call Girls In Gurgaon Dlf pHACE 2 Women Delhi ncr
Call Girls In Gurgaon Dlf pHACE 2 Women Delhi ncr
Vip Call Girls Tilak Nagar ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Tilak Nagar ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Call Girls In Andheri East Call 9167673311 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9167673311 Book Hot And Sexy Girls
Russian Call Girls Rohini Sector 37 💓 Delhi 9999965857 @Sabina Modi VVIP MODE...
Russian Call Girls Rohini Sector 37 💓 Delhi 9999965857 @Sabina Modi VVIP MODE...
9990611130 Find & Book Russian Call Girls In Crossings Republik
9990611130 Find & Book Russian Call Girls In Crossings Republik
Your LinkedIn Makeover: Sociocosmos Presence Package
Your LinkedIn Makeover: Sociocosmos Presence Package
Ready to get noticed? Partner with Sociocosmos
Ready to get noticed? Partner with Sociocosmos
Film show post-production powerpoint for site
Film show post-production powerpoint for site
Elite Class ➥8448380779▻ Call Girls In New Friends Colony Delhi NCR
Elite Class ➥8448380779▻ Call Girls In New Friends Colony Delhi NCR
Codes and Conventions of Artists' Websites
Codes and Conventions of Artists' Websites
Night 7k Call Girls Atta Market Escorts Call Me: 8448380779
Night 7k Call Girls Atta Market Escorts Call Me: 8448380779
Unlock the power of Instagram with SocioCosmos. Start your journey towards so...
Unlock the power of Instagram with SocioCosmos. Start your journey towards so...
O9654467111 Call Girls In Dwarka Women Seeking Men
O9654467111 Call Girls In Dwarka Women Seeking Men
BDSM⚡Call Girls in Sector 76 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 76 Noida Escorts >༒8448380779 Escort Service
CALL ON ➥8923113531 🔝Call Girls Ashiyana Colony Lucknow best sexual service O...
CALL ON ➥8923113531 🔝Call Girls Ashiyana Colony Lucknow best sexual service O...
Night 7k Call Girls Noida Sector 121 Call Me: 8448380779
Night 7k Call Girls Noida Sector 121 Call Me: 8448380779
Film show evaluation powerpoint for site
Film show evaluation powerpoint for site
Call Girls In Noida Mall Of Noida O9654467111 Escorts Serviec
Call Girls In Noida Mall Of Noida O9654467111 Escorts Serviec
Social media marketing/Seo expert and digital marketing
Social media marketing/Seo expert and digital marketing
Improve Your Brand in Waco with a Professional Social Media Marketing Company
Improve Your Brand in Waco with a Professional Social Media Marketing Company
Social media-assessment
1.
Social Media Assessment Discussion
Document
2.
http://www.youtube.com/watch?v=0eUeL3n7fDs
3.
Copyright © 2012
Deloitte Development LLC. All rights reserved.2 Assessing and auditing social media Overview of social media Social media opportunities Social media risks Regulatory environment A risk intelligent approach Contents
4.
Overview of social
media
5.
Copyright © 2012
Deloitte Development LLC. All rights reserved.4 Assessing and auditing social media Wikipedia: “Social media includes web- and mobile-based technologies to support interactive dialogue and introduce substantial and pervasive changes to communication between organizations, communities, and individuals. Social media are social software which mediate human communication.” Source: Wikipedia, Social Media, November 12, 2012, http://en.wikipedia.org/wiki/Social_media Merriam Webster: “Social media are forms of electronic communication (as Web sites for social networking and microblogging) through which users create online communities to share information, ideas, personal messages, and other content (as videos).” Source: Merriam Webster, November 12, 2012, http://en.wikipedia.org/wiki/Social_media About.com “Social media is a type of online media that expedites conversation as opposed to traditional media, which delivers content but does not allow readers/viewers/listeners to participate in the creation or development of the content.” Source: Social Media Definition, Susan Ward, November 12, 2012, http://sbinfocanada.about.com/od/socialmedia/g/socialmedia.htm Social media is continuing to evolve and so the definition is also changing. Here are some of the recent definitions. Social media definition
6.
Copyright © 2012
Deloitte Development LLC. All rights reserved.5 Assessing and auditing social media Social media Description Collaboration A page or site designed to enable collaborative contribution and modification of content by users Web Log Communications (Blogs) Frequent online publications with commentary on current events, subjects, or one’s personal thoughts Social Networking Site focused on building online communities, establishing connections, and providing avenues for social interaction Presence and Microblogging Brief real-time updates of personal commentary, news, or status (aka “Tweets”) Micro-Media: Online photo and video sharing Media-centric online communities that facilitate the viewing, sharing, and “tagging,” or classification, of media content Online Review & Opinion Forums Websites/Tools that allow users to search for peer reviews or advice on a product or service, as well as to contribute their own ratings and comments Social Networking Location Based Forums Website applications that allow users to “check in” and locate friends in various locations, share reviews and earn rewards Entertainment Social network games or interactive video games Social media is an umbrella term for a host of sites and technology that facilitates social interaction, sharing, and creation of user-generated content, and aggregation of users’ opinions and recommendations. Common forms of social media Social media landscape — Popular examples
7.
Copyright © 2012
Deloitte Development LLC. All rights reserved.6 Assessing and auditing social media Social Media Includes:
8.
Copyright © 2012
Deloitte Development LLC. All rights reserved.7 Assessing and auditing social media 680,747 views per corporate YouTube channel Facts and figures > 40% of social media users access content from their mobile phone 8 out of 10 companies are talked about on Twitter What happens in Vegas stays in Social Media 2 2nd largest search engine in the world is YouTube 78 78% of consumers trust opinions of others > 62% of Fortune 500 Companies have an active corporate Facebook or Twitter account 10.5 Billion Minutes are spent on Facebook each day excluding mobile 1 No. 1 Web activity is Social Media 80% of companies use social media for recruiting > 1 Billion active Facebook users 2.9 Billion Hours are spent on YouTube each month 190 190 Million tweets per day Sources: Statistics Brain: Social Network Statistics, www.statisticbrain.com/social-networking-statistics Social Media Revolution 2012, The Total Profit, October 23, 2011, http://www.youtube.com/watch?v=0eUeL3n7fDs
9.
Social media benefits
10.
Copyright © 2012
Deloitte Development LLC. All rights reserved.9 Assessing and auditing social media Opportunities Build a brand • Ability to build trust and engage customers through direct communication channels • Opportunity to grow through increased awareness of the brand • Better understanding of customer sentiment of the brand • Ability to proactively monitor and address issues early that surface on social sites • Customer feedback / dissatisfaction • Negative press • Ability for greater favorable perceptions of the brand • Ratings / Reviews • Ability to detect early warning signs of potential product or service issues Marketing • Increased marketing channels and opportunities • Increased brand awareness among target customers • Ability to engage in dialogue directly with customers • Ability to increase traffic to website • Improved insights about target market • Ability to identify new product or service opportunities • Ability to quickly reach the masses at a lower cost than traditional marketing and advertising Employees • Opportunity to improve operational efficiencies and increase the productivity of employees through collaboration • Ability to attract and retain talent Social media: Opportunities
11.
Copyright © 2012
Deloitte Development LLC. All rights reserved.10 Assessing and auditing social media Social media Generate Prospects and Leads (Sales) 1 • Decrease time to market for new products • Increase marketing effectiveness • Develop new revenue opportunities • Leverage “interest” based marketing & advertising Decrease Costs 2 • Decrease R&D costs for new products by listening to your customers (and prospects) • Focus on inexpensive social media tools instead of using the traditional expensive marketing channels • Decrease customer support costs Increase Loyalty 3 • Increase customer insights and intelligence (“Voice of Customer”) • Improve customer experience responsiveness • Improve customer education, expertise and service • Direct contact with the customer instead of indirect through the retail channels Manage Brand Reputation 4 • Increase brand awareness through social media • Protect brand and manage reputation • Benefit from spontaneous reactions from the community by connecting like-minded peers Loss of Control 1 • The voice of the customer is amplified • Companies no longer control the message or topic • Messages might include negative publicity Inconsistent message 2 • When engaging several employees in the social media world, their messages and responses may not be consistent and aligned with the strategy of the company Confidential Information 3 • The use of social media sites enables users to circumvent company controls, opening up the potential to violate communication policies • Education and training for employees is a component to managing loss of information Productivity loss 4 • Social media drives collaboration among co- workers but can also be a major distraction in the work place Benefits Challenges
12.
Social media risks
13.
Copyright © 2012
Deloitte Development LLC. All rights reserved.12 Assessing and auditing social media Social media: Risks Anticipated risks Legal and regulatory compliance • Disclosure of confidential data (e.g., Personal Health Information, Personally Identifiable Information) • Violation of copyright laws • Protection of intellectual property rights, patents, and trademarks • Regulatory noncompliance Security and privacy • Identity theft and social engineering • Technical exploits: Malware, viruses/worms, Flash vulnerabilities, and XML injection • Insufficient monitoring capabilities • Data leakage Brand and reputation damage • Viral video or bad press resulting from a security incident (i.e., loss of data) • Defamation, unfavorable or untrue posts • Copyright infringement • Insufficient monitoring and listening capabilities Social governance and strategy • Lack of policy • Lack of risk oversight • Misalignment of social strategy with strategic vision Employees • Inappropriate use of social media • Distraction/productivity loss • Inadequate training and awareness
14.
Copyright © 2012
Deloitte Development LLC. All rights reserved.13 Assessing and auditing social media Social media risk landscape Organization People Technology Data Unauthorized Disclosure Intellectual Property leakage Vulnerabilities Identity Theft Brand / Reputation Loss Public Unsatisfied Constituents Impact network availability (DOS) Virus/ Worms/Trojans Loss of Productivity HR Policy Violations Social Engineering / Impersonation Privacy Risk Trademark Infringement Loss of Control Over Content Copyright Issue Lack of Situational Awareness Negative Publicity False Impression/ Misguidance
15.
Regulatory environment
16.
Copyright © 2012
Deloitte Development LLC. All rights reserved.15 Assessing and auditing social media Regulatory Notice 10–06, 11–39: Guidance on blogs, social networking websites, and business communications The goal of the notice is to ensure: • Investors are protected from false or misleading claims and representations • Firms are able to effectively and appropriately supervise their associated persons’ participation in social sites Financial Industry Regulatory Authority (FINRA) Sources: FINRA Regulatory Notice 10-06: Social Media Web Sites: Guidance on Blogs and Social Networking Web Sites, January 2010 FINRA Regulatory Notice 11-39: Social Media Websites and the Use of Personal Devices for Business Communications : Guidance on Social Networking Websites and Business Communications, August 2011
17.
Copyright © 2012
Deloitte Development LLC. All rights reserved.16 Assessing and auditing social media Recordkeeping • Firms are required to retain records of communications for 3 years related to the broker-dealer’s business that are made through social media sites • Originals of all communications received and copies of all communications sent by the member, broker or dealer • Receipt of each compliant must be acknowledged within 15 business days Suitability • Broker-dealers are required to determine that recommendations are suitable for every investor to whom it is made Supervision • Maintain and establish mechanisms to supervise activities of associated persons to achieve compliance • Registered principal must review and approve social media sites and content to be posted (e.g., blogs and social networking sites) • Associated persons / registered representatives must be trained and not present undue risk • Policies and procedures are required FINRA (cont.)
18.
Copyright © 2012
Deloitte Development LLC. All rights reserved.17 Assessing and auditing social media Third-party posts • Customer and third-party posts on social sites established by the firm are not considered the firm’s communication • Exceptions – The firm aided in preparation of the content – The firm endorses or approves the content FINRA (cont.)
19.
Copyright © 2012
Deloitte Development LLC. All rights reserved.18 Assessing and auditing social media Memorandum OM 12–31 from the Office of General Counsel of NLRB emphasized that employee rights under Section 7 of the National Labor Relations Act (NLRA) must be considered when creating a social media policy or disciplining an employee for social networking activity. At issue is whether social media policies violate employees’ right, under Section 7 of the NLRA, to communicate or work together in “concerted activities” for the purpose of collective bargaining or to improve working conditions and terms of employment. Employers in both union and nonunion workplaces who terminate or discipline an employee based on a social media posting that the NLRB finds to be “protected concerted activity” — such as a Facebook conversation among employees complaining about pay — may be violating Section 7. “The Employer’s rule prohibited “making disparaging comments about the company through any media, including online blogs, other electronic media or through the media.” “We concluded that this rule was unlawful because it would reasonably be construed to restrict Section 7 activity…” National Labor Relations Board (NLRB) Sources: National Labor Relations Act, Rights of Employees, Sec. 7. [§ 157.], National Labor Relations Board Operations Management Memorandum 12-31, Office of General Counsel of National Labor Relations Board, January 24, 2012
20.
Copyright © 2012
Deloitte Development LLC. All rights reserved.19 Assessing and auditing social media FTC 16 CFR Part 255 “Guides Concerning the Use of Endorsements and Testimonials in Advertising” • Guides address the application of Section 5 of the FTC Act (15 U.S.C. 45) regarding endorsements and testimonials in advertising • The guides provide the basis for voluntary compliance with the law by advertisers and endorsers • Inconsistent practices with these guides may result in corrective action by the commission Federal Trade Commission (FTC) Source: Federal Trade Commission, 16 CFR Part 255, Guides Concerning the Use of Endorsements and Testimonials in Advertising, Federal Trade Commission, Final Rule; Notice of adoption of revised Guides, October 2009
21.
Copyright © 2012
Deloitte Development LLC. All rights reserved.20 Assessing and auditing social media FTC 16 CFR Part 255 “Guides Concerning the Use of Endorsements and Testimonials in Advertising” • Endorsements must reflect the honest opinions, findings, beliefs, or experience of the endorser and may not be deceptive – Both advertisers and endorsers can be liable for endorser’s statements • Section 5 requires the disclosure of a connection between an advertiser and an endorser when the relationship is not apparent within the communication containing the endorsement. – For example, an advertiser’s provision of a gift to a blogger for posting blog content could constitute a material connection that is not reasonably expected by readers of the blog. Federal Trade Commission (FTC) (cont.)
22.
Copyright © 2012
Deloitte Development LLC. All rights reserved.21 Assessing and auditing social media National Examination Alert with investment adviser considerations for evaluating use of social media compliance policies: • Usage guidelines • Monitoring • Content standards • Information security Details can be found at www.sec.gov U.S. Securities and Exchange Commission (SEC)
23.
Copyright © 2012
Deloitte Development LLC. All rights reserved.22 Assessing and auditing social media Federal Financial Institutions Examination Council (FFIEC) Social Media: Consumer Compliance Risk Management Guidance • Financial institutions should have a risk management program commensurate with the breadth of the financial institution’s involvement in social media, that allows it to identify, measure, monitor, and control the risks related to this medium. • Institutions are to control content on their social media site owned or administered by a third party and to change policies regarding information provided through the site. • Financial institutions should have procedures to address risks from occurrences such as members of the public posting confidential or sensitive information. • Financial institutions’ incident response protocol regarding a security event, such as a data breach or account takeover, should include social media, as appropriate.
24.
A risk intelligent
approach
25.
Copyright © 2012
Deloitte Development LLC. All rights reserved.24 Assessing and auditing social media Assessment Approach Phase III: Design and discovery Phase II: Social Listening Phase IV: Assess and analyze Phase V: Collaboration and reporting Phase I: Planning and scoping Activities: • Identify key internal and external stakeholders: Marketing, Product Development, IT, Compliance, Legal, Risk, etc. • Obtain relevant documents, strategy, policies, governance structure, etc. • Define/agree on scope and search criteria • Identify areas of focus • Develop a project plan and time table including program piloting strategy Activities: • Define search terms: brands, keywords, topic points, comparison organizations • Generate social media research reports through “listening” and “risk sensing” tools • Review raw data and identify patterns, anomalies, and areas for additional focus Activities: • Obtain stakeholder feed of “current state” through: – Online surveys – Workshops – Publicly available or privately subscribed information • Review existing social media and relevant security policies, strategies, governance • Review user access to owned social sites • Review regulatory requirements • Develop risk assessment framework Activities: • Synthesize responses • Aggregate the results using broad themes • Identify prioritized emerging risks and potential impacts from assessment and sensing research • Validate the observations with the stakeholders in one on one interviews Activities: • Collaborate with Deloitte subject matter experts and management to stratify emerging risks, potential impact • Develop risk mitigation response strategies for risks • Identify recommendations based on insights gained • Summarize findings Milestone: • Project Plan Milestone: • Social media listening report and high level insights Milestone: • Questionnaires, surveys or workshops • Templates Milestone: • Summary of preliminary findings • Validation meetings Deliverable: • Final report on recommendations and findings PhaseKeyActivitiesDeliverables
26.
Copyright © 2012
Deloitte Development LLC. All rights reserved.25 Assessing and auditing social media Understanding the social media perspective of the organization The perspectives below generalize the social media interactions of an organization. It is important to understand the social media perspective before assessing risk. Organization — Internal • Hosted on organization-owned or controlled technology • Restricted to organization employees only (in some special cases to clients and vendors) Organization — Public • Hosted on organization-owned technology (like a CEO blog on organization’s website) or is hosted by an external provider on their technology • Open to public • Sponsored by the organization or one of its business units in accordance with the organization policy Public • Hosted by an external provider on their technology • Open to public • Not sponsored by the organization Key Risk considerations Reputation risk management Legal and regulatory compliance Security and privacy Governance and strategy Training and awareness
27.
Copyright © 2012
Deloitte Development LLC. All rights reserved.26 Assessing and auditing social media • Who in the organization is responsible for social media: Marketing, Legal, IT, HR, Public Relations, etc. • Is there a social media center of excellence? • In what social media channels does the organization have an active presence? • Has a risk assessment been conducted to identify risks associated with the current use of social media? • Is there an established policy (and supporting standards) that addresses social media use? • Does the policy address all aspects of social media use in the workplace — both business and personal? • Have employees been educated on appropriate use of social media and are they aware of the policy? • Do employees receive periodic awareness communication regarding policies and risks? • What technology safeguards are in place? • Is there risk management oversight of policies and procedures? • Does a social strategy exist? Understand the social media landscape of the organization Source: Social Media: Business Benefits and Security, Governance and Assurance Perspectives, ISACA, 2010
28.
Copyright © 2012
Deloitte Development LLC. All rights reserved.27 Assessing and auditing social media Include key areas within the environment and identify stakeholders Social media activity affects a wide range of business functions within an organization. An effective social media risk assessment should include key areas affected by the use of social media and the identification of key stakeholders within those areas who understand the processes and pain points. Assess the environment Conduct interviews (or use questionnaires) with key stakeholders to asses current social media practices and uncover the associated risks with: • Reputation management • Governance and strategy • Legal and regulatory compliance • Security and privacy • Training and awareness Validate risks Summarize, socialize and agree on risks Prioritize, develop mitigation strategies and roadmap Conduct facilitated workshops to rank risks, develop recommendations, prioritize and build a roadmap Risk assessment approach • Marketing • Public relations • Customer service • Communications • Human resources • Internal audit • Information technology • Security • Legal & compliance • Risk • Crisis management • Other
29.
Copyright © 2012
Deloitte Development LLC. All rights reserved.28 Assessing and auditing social media Assessment Approach Phase III: Design and discovery Phase II: Social Listening Phase IV: Assess and analyze Phase V: Collaboration and reporting Phase I: Planning and scoping Activities: • Identify key internal and external stakeholders: Marketing, Product Development, IT, Compliance, Legal, Risk, etc. • Obtain relevant documents, strategy, policies, governance structure, etc. • Define/agree on scope and search criteria • Identify areas of focus • Develop a project plan and time table including program piloting strategy Activities: • Define search terms: brands, keywords, topic points, comparison organizations • Generate social media research reports through “listening” and “risk sensing” tools • Review raw data and identify patterns, anomalies, and areas for additional focus Activities: • Obtain stakeholder feed of “current state” through: – Online surveys – Workshops – Publicly available or privately subscribed information • Review existing social media and relevant security policies, strategies, governance • Review user access to owned social sites • Review regulatory requirements • Develop risk assessment framework Activities: • Synthesize responses • Aggregate the results using broad themes • Identify prioritized emerging risks and potential impacts from assessment and sensing research • Validate the observations with the stakeholders in one on one interviews Activities: • Collaborate with Deloitte subject matter experts and management to stratify emerging risks, potential impact • Develop risk mitigation response strategies for risks • Identify recommendations based on insights gained • Summarize findings Milestone: • Project Plan Milestone: • Social media listening report and high level insights Milestone: • Questionnaires, surveys or workshops • Templates Milestone: • Summary of preliminary findings • Validation meetings Deliverable: • Final report on recommendations and findings PhaseKeyActivitiesDeliverables
30.
Copyright © 2012
Deloitte Development LLC. All rights reserved.29 Assessing and auditing social media Approach Period data was gathered [tbd] Research Hypothesis Tool Selection Gather Raw Data Insights Investigate •Company Name •Competitors •Keywords •Industry •Ask Questions •Look for information •Seek sources •Speculate •Formulate •Radian6 •PeopleBrowsr •Attensity360 •Mutual Mind •Webtrends •Google Analytics •Google Trends •Twitalizer •PeerIndex •Klout •Kred •Mantis Pulse •WiseWindow •Adobe Social •Bottlenose •DataSift •Gnip •Alterian SM2 •Numbers •Charts •Graphs •Lists •Pictures •People •Interesting Patterns •Anomalies •Why? •Results match business goals? •Outside factors •What can be influenced? • Best ROI • Fastest • Easiest • Most important • Most critical • Most strategic More Research •Deeper Dive •New Questions •Follow on answers
31.
Copyright © 2012
Deloitte Development LLC. All rights reserved.30 Assessing and auditing social media Potential opportunities Community Management § Tend to the social garden by facilitating conversations between customers, employees, and partners § Assign Community Lead to manage and set strategic direction for Customer Communities across platforms § Analyze community data to enhance business strategy and product development § Regularly monitor and push appropriate content to Customer & Partner Communities Do these resonate? What other focus areas are most impactful to you? Proactive Social Support § Joining social conversations to help inform customers § Enabling tools & resources to monitor social platforms for support related events § Monitoring, Analyze, & Address support related conversations § Dedicate a percentage of support staff time to mining social channels for additional support related events Voice of Competitor’s Customers § Know what competitors’ products customers are purchasing and understand customer purchasing drivers § Configure listening tool to route these to sales and marketing for conversions and campaigns § Integrate CRM system with social listening to create competitor customer profiles § Identify competitor crises and establish war room procedures to quickly act on competitive advantages. Social Media Command Center § Set up a Command Center to monitor and respond to social trends, opportunities, and crisis. § Evaluate and select social monitoring, routing and interaction platforms § Formulate organization response policies to social crisis and events § Train resources for rotational assignment to social command and response teams
32.
Copyright © 2012
Deloitte Development LLC. All rights reserved.31 Assessing and auditing social media Assessment Approach Phase III: Design and discovery Phase II: Social Listening Phase IV: Assess and analyze Phase V: Collaboration and reporting Phase I: Planning and scoping Activities: • Identify key internal and external stakeholders: Marketing, Product Development, IT, Compliance, Legal, Risk, etc. • Obtain relevant documents, strategy, policies, governance structure, etc. • Define/agree on scope and search criteria • Identify areas of focus • Develop a project plan and time table including program piloting strategy Activities: • Define search terms: brands, keywords, topic points, comparison organizations • Generate social media research reports through “listening” and “risk sensing” tools • Review raw data and identify patterns, anomalies, and areas for additional focus Activities: • Obtain stakeholder feed of “current state” through: – Online surveys – Workshops – Publicly available or privately subscribed information • Review existing social media and relevant security policies, strategies, governance • Review user access to owned social sites • Review regulatory requirements • Develop risk assessment framework Activities: • Synthesize responses • Aggregate the results using broad themes • Identify prioritized emerging risks and potential impacts from assessment and sensing research • Validate the observations with the stakeholders in one on one interviews Activities: • Collaborate with Deloitte subject matter experts and management to stratify emerging risks, potential impact • Develop risk mitigation response strategies for risks • Identify recommendations based on insights gained • Summarize findings Milestone: • Project Plan Milestone: • Social media listening report and high level insights Milestone: • Questionnaires, surveys or workshops • Templates Milestone: • Summary of preliminary findings • Validation meetings Deliverable: • Final report on recommendations and findings PhaseKeyActivitiesDeliverables
33.
Copyright © 2012
Deloitte Development LLC. All rights reserved.32 Assessing and auditing social media Reputation risk management • Is there an effective crisis management plan for the escalation of incidents? • Is customer service involved and are they trained on crisis management? Legal and regulatory compliance • What is the landscape of the regulatory environment impacting the organization (e.g., FINRA, NRLB, FTC, HIPAA ) • Does the policy support the regulatory landscape and do social media operations comply with the internal policy, legal and regulatory requirements? • Is the organization’s use of social media in compliance with social media site policies? Security and privacy • Are the security and privacy risks associated with the adoption of social media being addressed? • What safeguards are in place to prevent data leakage? • Are cyber security safeguards in place to detect and prevent threats from social engineering attacks (e.g., phishing, identify theft)? Key assessment considerations Key Risk considerations Reputation risk management Legal and regulatory compliance Security and privacy Governance and strategy Training and awareness
34.
Copyright © 2012
Deloitte Development LLC. All rights reserved.33 Assessing and auditing social media Governance and strategy • Is there a well-defined and documented strategy? • Has a cross-functional governance framework been adopted that includes oversight of policies and adoption of initiatives? • Is there a policy? (Business versus Personal use) – If one exists, what’s in it? • Channels where the organization participates • Who is authorized to speak on behalf of the organization • Processes and tools in place to monitor communications by employees, customers or the public • Links to other related policies (e.g., acceptable use, handling sensitive data, data retention) • Restrictions • Consequences for noncompliance – Do employees know about it? Training and Awareness • What type of training and education is in place? • What is the frequency and timing? • Has an awareness program been adopted? Key assessment considerations (cont.) Key Risk considerations Reputation risk management Legal and regulatory compliance Security and privacy Governance and strategy Training and awareness
35.
Copyright © 2012
Deloitte Development LLC. All rights reserved.34 Assessing and auditing social media Social Media Governance Social Media Landscape Strategy Planning Social Media Ethics Compliance Enterprise Social Media Marketing and Communicatio n Relationship Management Legal Talent Product and Services Information Technology Security and Privacy Monitoring Social Media Technology Governance Strategy and Planning Ethics and Compliance Operations Technology and Infrastructure Guiding Principles Economic Conditions/ Industry Trends Social Media Strategy Social Media Investments Code of Ethics Compliance Culture Integration with Business Processes Branding and Reputation Stakeholder Engagement Legal and Regulatory Compliance Corporate Culture Innovation, Research and Development Architecture Identity and Access Management Social Media Analytics Content Sharing (Videos, Photos) Board Structure and Oversight Geopolitical Policy Digital Crisis Management Ethical Culture/Personal Ethics Policies and Procedures Innovation and Collaboration Integrated Marketing Systems Corporate Service/Support Litigation and Dispute Resolution Employee Code of Conduct Crowd Sourcing Employee Dashboard and User Interface Virus and Malware Social Media Trends Monitoring Social Networking Sites Reputation and Stakeholder Relations Laws and Regulations Web 2.0 Business Model Change Management Monitoring and Auditing Compliance Information Management Knowledge Management Social Media Campaign/Online Promotion Customer/Partner Feedback Intellectual Property Talent Recruitment and Management Concept Testing/Product Testing Cloud Computing Social Media Security Employee Monitoring Blogs Sustainability and Climate Change (S&CC) Social Media Platforms Alliances/Joint Ventures Knowledge Management Reporting and Prevention Controls and Monitoring Training and Development using Social Media Buzz Marketing/Viral Campaigns Community Management Copyright/ Trademark Infringement Social Media Management Team Launch Mobile Devices Information Leakage Content Monitoring Microblogging Risk Oversight and Supervision Technological Advances/ Changes Outsourcing Social Media Program Evaluation Conflicts of Interest Cyber Law Compliance Internal Communication Influencer Management Performance Management Social Media Tools Privacy and Data Protection Influencer Monitoring Internet Forums Competition Program Assessment and Evaluation Compliance Reporting Social Media Agency Response Management Employee Productivity Business Continuity Management Social Media Identity Theft Wikis Customer Demands and Trends Technology Adoption Allegations & Investigations Content Management Conversations Training on Social Media Change Management Security Infrastructure Location Based Services (LBS) Customers Corporate Actions and Discipline Media Management Trust/ Transparency Employee Relationships Technology Contracting, Outsourcing and Licensing Influencer Strategy Training Market Research Workplace Harassment/ Abuse Ethics Communication Virtual Workplace E-Commerce/ Sales Management Social Media Risk Intelligence Map Influencers Supervision Public Relations e-Discovery Social Media Measurement Social media risk intelligence map (RIM) Provides breakdown of social media areas — Governance, Strategy and Planning, Operations / Technology and identifies areas for which organization to focus on to help mitigate risk from social media
36.
Copyright © 2012
Deloitte Development LLC. All rights reserved.35 Assessing and auditing social media Risk intelligence map sample Risk class Risk categories Sub categories Specific risks
37.
Copyright © 2012
Deloitte Development LLC. All rights reserved.36 Assessing and auditing social media Assessment Approach Phase III: Design and discovery Phase II: Social Listening Phase IV: Assess and analyze Phase V: Collaboration and reporting Phase I: Planning and scoping Activities: • Identify key internal and external stakeholders: Marketing, Product Development, IT, Compliance, Legal, Risk, etc. • Obtain relevant documents, strategy, policies, governance structure, etc. • Define/agree on scope and search criteria • Identify areas of focus • Develop a project plan and time table including program piloting strategy Activities: • Define search terms: brands, keywords, topic points, comparison organizations • Generate social media research reports through “listening” and “risk sensing” tools • Review raw data and identify patterns, anomalies, and areas for additional focus Activities: • Obtain stakeholder feed of “current state” through: – Online surveys – Workshops – Publicly available or privately subscribed information • Review existing social media and relevant security policies, strategies, governance • Review user access to owned social sites • Review regulatory requirements • Develop risk assessment framework Activities: • Synthesize responses • Aggregate the results using broad themes • Identify prioritized emerging risks and potential impacts from assessment and sensing research • Validate the observations with the stakeholders in one on one interviews Activities: • Collaborate with Deloitte subject matter experts and management to stratify emerging risks, potential impact • Develop risk mitigation response strategies for risks • Identify recommendations based on insights gained • Summarize findings Milestone: • Project Plan Milestone: • Social media listening report and high level insights Milestone: • Questionnaires, surveys or workshops • Templates Milestone: • Summary of preliminary findings • Validation meetings Deliverable: • Final report on recommendations and findings PhaseKeyActivitiesDeliverables
38.
Lessons learned
39.
Copyright © 2012
Deloitte Development LLC. All rights reserved.38 Assessing and auditing social media • Social governance – Cross functional vs. Limited, decentralized • Training and awareness/policies – Personal vs. Business use • Social business strategy – Center of excellence • Regulatory compliance – Bloggers receive payment in kind • Entitlement reviews – External process • Data leakage protection / monitoring – Internal vs. External Lessons learned from recent assessments
40.
Auditing social media
41.
Copyright © 2012
Deloitte Development LLC. All rights reserved.40 Assessing and auditing social media • Does the policy specify the approved social media channels? Who has access to these accounts and who maintains them? • Does the policy address intellectual property rights? • Does the policy require monitoring of all content posted on social media sites? • Does the policy give a careful consideration to review and accept the social media provider’s terms of service? • Does the policy specify whether only public information can be posted on social media websites? Social media policy • Does the policy specify what the employees can and cannot do on a social network? • Can employees communicate on behalf of the Company? • Does the social media policy connect with other policies that might be affected by social media (including IT, Ethics, IP, Privacy, Anti-discrimination, harassment, etc.)? • Does the policy specify required training? • Does the policy specify what is monitored? • Does the policy clarify consequences? Business Use Employees’ Use +
42.
Copyright © 2012
Deloitte Development LLC. All rights reserved.41 Assessing and auditing social media Awareness program ISACA recommends any strategy to address the risks of social media usage should first focus on user behavior through the development of policies and supporting training and awareness program that covers: • Whether it is allowed • The nondisclosure/posting of business-related content • The discussion of workplace-related topics • Inappropriate sites, content or conversations Personal use in the workplace Personal use outside the workplace Business use • Whether it is allowed • The nondisclosure/posting of business-related content • The discussion of workplace-related topics • Inappropriate sites, content or conversations • Whether it is allowed, and process to gain approval for use • The scope of topics or information permitted to flow through this channel • Disallowed activities • The escalation process for customer issues
43.
Copyright © 2012
Deloitte Development LLC. All rights reserved.42 Assessing and auditing social media Source: ISACA, Social Media: Business Benefits and Security, Governance and Assurance Perspectives [Whitepaper]. People • Have effective trainings been delivered to all users? • Do users (including employees) receive regular awareness communications regarding policies and risks? Process/Data • Have business processes that utilize social media been reviewed to determine that they are aligned with policies and standards of the enterprise? • Are content control processes in place to determine that social communications intended to represent the company are approved before dissemination? Technology • Does IT have a strategy and the supporting capabilities to manage technical risks presented by social media? • Do technical controls and processes adequately support social media policies and standards? • Does the enterprise have an established process to address the risk of unauthorized/fraudulent use of its brand on social media sites? Focus areas
44.
Copyright © 2012
Deloitte Development LLC. All rights reserved.43 Assessing and auditing social media Auditing social media — people Loss of productivity Identity theft Social engineering Risk Example Controls Objective: Employees, contractors and customers are aware of their responsibilities relating to social media. Activities: • Establish user agreements for social media use • Conduct awareness training to inform users of the risks involved using social media websites • Use content-filtering technology such as DLP (Data Loss Prevention) • Limit access to social media sites Responsible parties: HR, Information Security HR policy violations
45.
Copyright © 2012
Deloitte Development LLC. All rights reserved.44 Assessing and auditing social media Auditing social media — process Reputational loss Regulatory compliance risk (i.e. copyright, trademark infringement, and privacy issues) False impression Risk Example Controls Objective: The enterprise brand is protected from negative publicity or regulation violation Activities: • Establish policies to determine legal- sensitive communications are tracked and archived • Conduct awareness training to inform users of the risks involved using social media websites • Scan the internet for misuse of the enterprise brand Responsible parties: HR, Information Security
46.
Copyright © 2012
Deloitte Development LLC. All rights reserved.45 Assessing and auditing social media Auditing social media — data Unauthorized disclosure Improper content Intellectual property leakage Risk Example Controls Objective: Enterprise information is protected from unauthorized access or leakage through/by social media. Activities: • Establish user agreements for social media sites • Develop policies on the use of enterprise- wide intellectual property • Determine if there is a capability to log the communications Responsible parties: Legal, HR, Information Security
47.
Copyright © 2012
Deloitte Development LLC. All rights reserved.46 Assessing and auditing social media Auditing social media — technology Constraining network bandwidth Virus/Worms via the social media sites Data theft from mobile devices Risk Example Controls Objective: IT infrastructure supports risks introduced by social media. Activities: • Install anti-virus applications on all systems including mobile devices • Use content-filtering technology such as DLP • Limit access to social media sites during business hours Responsible parties: Information Security
48.
Copyright © 2012
Deloitte Development LLC. All rights reserved.47 Assessing and auditing social media • Perform a study on what organization specific foot printing information is available on the Internet, and how it might be used to produce an exploit that targets the organization’s IT or Industrial Systems. The below assessments could be performed to in conjunction with a social media assessment to address other vulnerabilities, that could be related social media. Cyber threat profile analysis Suspicious program diagnostics • Use available industry hash data sets and cyber intelligence to match against a generated inventory of system files endeavoring to identify hidden exploits. Perform digital forensic analysis on suspect computers including examining system memory. Intranet cyber compromise diagnostic • Security event logs and infrastructure logs are analyzed to look for evidence of internal machines that may have been compromised and are attempting to communicate with miscreant controlled devices on the Internet. Anti-phishing capability diagnostic • Assess organizations’ anti-phishing program in order to help identify gaps and improvement opportunities. It includes looking at recent phishing incidents, intelligence services, and the organization’s incident handling procedures. Additional considerations
49.
Group exercise
50.
Copyright © 2012
Deloitte Development LLC. All rights reserved.49 Assessing and auditing social media Group Topic Discuss at your table Share with the group Group 1 Governance and strategy • How is the area relevant to your organization? • Top three risks • Current Challenges • How you are addressing risks and challenges • Share other observations Group 2 Legal and regulatory compliance • What are key risks in this area? Group 3 Security and privacy • What are the controls that you are seeing to address these risks? Group 4 Brand and reputation management • Given the above, any interesting trends emerging? Working session
51.
Questions?
52.
Copyright © 2012
Deloitte Development LLC. All rights reserved.51 Assessing and auditing social media Khalid Wasti Director Deloitte & Touche LLP (212) 436-5156 kwasti@deloitte.com Contact info
53.
Copyright © 2012
Deloitte Development LLC. All rights reserved.52 Assessing and auditing social media • “Web 2.0 reinvents corporate networking.” Gopal, Raj, et al. Deloitte Consulting LLP • “Market Intelligence and Content Curating.” Eric Openshaw, Deloitte & Touche LLP • “Social Media Audit/Assurance Program” ISACA • “Social Media: Business Benefits and Security, Governance and Assurance Perspective” ISACA • “2012 Identity Fraud Report: Social Media and Mobile Forming the New Fraud Frontier” Javelin Strategy & Research • “Auditing Social Media: A Governance and Risk Guide” by Peter R. Scott and J. Mike Jacka • Statistics Brain: Social Network Statistics, www.statisticbrain.com/social-networking-statistics • Internal Auditor, “The Social Media Scene”, August 2012, Allison Cain References and additional resources
54.
About Deloitte Deloitte refers
to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. Copyright © 2012 Deloitte Development LLC. All rights reserved. Member of Deloitte Touche Tohmatsu Limited
Télécharger maintenant