An approximation to

the risk factor of social

networks,
Recognizes the power and importance of social networks for
companies

The present study approximates the risk factor of social networks,

recognizes the power and importance of social networks for
companies in all industries. At the same time, it helps identify and
explore many of the potential, negative consequences posed by
social networks in terms of brand, strategy, regulation, legal and
market risks.

MA Marketing, Jorge Yeshayahu Gonzales-Lara

Miami Florida
An approximation to
the risk factor of social networks,
Recognizes the power and importance of social networks for companies

Table of Content

page
Abstract 3
Introduction 4
1.1 Understanding the platform risks 7
Facebook 7
Twitter 8
LinkedIn 8
E-mail 8

1.2 The benefits and risk of the social media 9

1.3 Types of social media risks 10

Fraud 10
Loss of intellectual property 11
Financial loss due to malware 12
Privacy violations 13

2.1 The components of the effective management of the risk of the

Social media 13
I- Governance 14

2.2 Functions and responsibilities defined for specific types of risks

of social media 14

2.3 Coordination with other business units 15

2.4 Acceptable use policies for social media 15

2.5 Risk levels of risk of social media defined 16

2.6 Defined scale routes and information lines 17

2.7 An operational model for crisis management 17

1|Page
 II Processes 18

3.1 Identify the risks of the social media, as well as the opportunities 19

3.2 Evaluation and reports in the risk of different functional

Perspectives 20

3.3 Continuous risk follow-up 20

3.4 Mitigate and transfer risks in a profitable way 22

3.5 Capture of social media data 23

III. Systems 23

4.1 Capture of social media data 24

4.2 Text analytical motors 24

4.3 Security and data storage 24

4.4 Reports and control boards 24

4.5 Social media monitoring services for a global bank 25

5.0 Enablers of effective social media risk management 25

5.1 Conscious risk culture 25

5.2 Making this happen requires that employees 26

5.3 Performance management and measurement 27

6.0 Conclusion and recommendation 28

References and Bibliography 29

2|Page
An approximation to
the risk factor of social networks
Recognizes the power and importance of social networks for companies

Jorge Yeshayahu Gonzales-Lara

MA, Marketing,
BA Sociology,
MA Latin American Studies,
CASAC-T clinical counselor.

The present study approximates the risk factor of social networks, recognizes the power

and importance of social networks for companies in all industries. At the same time, it

helps identify and explore many of the possible negative consequences posed by social

networks in terms of brand, strategy, regulation, legal and market risks.

An effective risk management capacity of social networks can provide ideas for life and

make a difference in the business results offered by companies. Social media platforms

and applications have been rapidly implemented by most organizations during the last

decade.

New ways of using social networks emerge weekly and new social media tools seem to

reach the market with the same frequency. Other risks may arise due to the specific

situation of a company and the use of social businesses, highlighting the need for

organizations to include social business capabilities in their risk assessment and

management efforts.

Introduction

3|Page
Social media platforms such as Facebook, Twitter and LinkedIn have become

integral parts of business. Whether your company aggressively uses these

platforms to reach potential or existing customers, or simply maintains a

minimal presence in social networks, social networks can trigger a wide variety

of risks for the company. The risks are as varied as an unauthorized publication,

a pirated social media account or a publication of the authorized company that

is ultimately discouraged.

Social media platforms and applications have been rapidly implemented by most

organizations during the last decade. New ways of using social networks emerge

weekly and new social media tools seem to reach the market with the same

frequency.

Social networks are a compendium of prominent accessible media: corporate

blogs, video sharing sites like YouTube, social networks like Facebook,

microblogging tools such as Twitter, rating / review sites, wikis (knowledge base

websites that allow several authors edit and edit simultaneously create), and

crowdsourcing, among others. This medium takes advantage of the power of the

Internet, web 2.0 and mobile technologies to facilitate the creation, exchange,

use and modification of user-generated content to connect people.

The convergence of these technologies is forever altering the dynamics of

• customer relationship

• management,

• marketing and

4|Page
 • corporate communications for many companies.

The number of social network users worldwide increased from 1.47 billion to

1.73 billion; around 25 percent of the world's population. The global audience of

social networks is expected to reach a total of 2.55 billion.

People spend respectively 13 and 16 minutes every hour using social

networks. The most important thing is the use of social networks by companies

around the world. Among Fortune 500 companies, 77 percent now have active

Twitter® accounts, 70 percent have Facebook® pages and 69 percent have

YouTube ™ accounts. The social business is about leveraging social networks to

achieve business objectives. It incorporates social tools in many business

processes, connecting people with people, people with information and data with

information.

In the financial services industry, other ways in which social networks have value

include:

• Brand • Marketing / advertising

• Corporate communications

• Service

• Resolution of complaints

Social business communities allow companies to listen and learn from

customers, satisfied or dissatisfied, regarding their experiences. They also

5|Page
provide opportunities for product development teams to obtain early information

from groups of potential buyers about new product plans, from marketing to test

messages, and for companies to educate and inform customers about the uses

and applications of products.

While these developments present significant opportunities for companies to

connect with their customers and others, they are also creating a completely new

set of potential risks for companies to monitor. The following social media risks

should be considered:

• Loss of intellectual property and sensitive data.

• Compliance violations

• loss of reputation

• Financial disclosures.

6|Page
 • Effects on human resources.

• Inability to manage the "technology gap"

• loss of security

• Competition risk.

• Brand Abduction

• Bad management of the social forums of the business community.

The problem here is the fact that traditional risk management policies and

procedures were not designed to literally minute-by-minute monitoring of social

media conversations to identify brand, strategy, compliance, legal and legal

risks. market.

Those risks are considerable. Financial institutions have had to close social

media forums due to unanticipated negative comments; stock markets have

been affected by fraudulent social media publications; companies have had to

change or terminate strategies in response to the strength of social

networks; Other companies have suffered damage to the brand due to the power

of social networks to send negative impressions almost instantly worldwide.

The present study is an approximation to the risk factor of social networks,

recognizes the power and importance of social networks for companies in all

industries. At the same time, it helps identify and explore many of the potential,

negative consequences posed by social networks in terms of brand, strategy,

regulation, legal and market risks. An effective risk management capacity of

7|Page
social networks can provide ideas for life and make a difference in the business

results offered by companies.

1.1 Understanding the platform risks

Social media risks vary by platform from enabling corporate spying with

Facebook, post to disclosing confidential customer lists on LinkedIn

FACEBOOK

Blurring the boundaries between business and personal lives, those photos of

you having too much fun can be far more than just embarrassing. Employers

reputations can be harmed too if your behavior runs counter to high profile

corporate campaigns and messaging mean a good corporate soy is able to piece

together information and their R & D pipeline.

TWITTER

8|Page
The urge to share new nuggets of information instantly can be overwhelming but

information shared too freely can be stitched together by interested

outsider. Spies working for a security consultancy were able to predict that a

company would file for bankruptcy based on employee Tweets about budget

cut. And there is also just plain fraud: stock markets crashed after a hacker

fraudulently used the Associated Press Twitter account to post fake news of a

White House bombing.

LINKEDIN

Salespeople who establish LinkedIn relationships with customers do not intend

to disclose confidential customer lists but are doing so unless they are careful

about revealing their contacts. Employees need to vet contacts with care and

understand how much information they are sharing. Corporate spies have

even worked out when divisions are in trouble because people are touting for

work on LinkedIn.

E-MAIL

We all know about the obvious risk of communicating sensitive information over

email, but emails today is sent with an ever-increasing number of weblinks and

embedded malware. It has become distressingly easy for hackers and spies to

install rogue software on computers when people inadvertently click on bad

links, not just via Facebook but also in your own inbox.

1.2 The benefits and risk of the social media

9|Page
People who use social networks to publish false news about the performance of

a company, and then take advantage of the increase in the price of the

shares? Or the stories of criminals who have used personal information posted

by people on their social media pages to get answers to security questions and,

therefore, gain access to their bank accounts? Also, evidence of the fact that, for

more benefits than social media platforms provide companies in terms of

communications, advertising, greater consumer participation and more, social

networks also carry many risks.

One problem is that much of the press coverage focuses on aspects of brand risk

or reputation of the use of social networks. But reputational risk is only one

among many types of social network risks, and in some cases, they can hide or

hide other types of risks under a single brand value and reputation label. It is

logical to think that if companies do not have a broad enough understanding of

the risks of social networks, they probably do not have a broad enough approach

to manage the risks of social networks.

The approach involves governance structures, processes and information

systems, backed by leadership, culture, compliance and performance

management activities that strengthen the human dimension of risk

management, which can often be the weakest link. One of the risks is not being

open enough to social networks but knowing their role in business and culture. I

still hear stories of industry executives who don't take social media seriously,

which is simply a "nice to have". But it has great power. This can be negative,

10 | P a g e
given the speed with which the problems spread in social networks. But it can

also be extremely positive. It can foster better relationships or create additional

contact points in the digital marketing space. "

Social networks should be understood as equally important as other channels:

radio interviews, television broadcasts, newspaper and magazine articles, web

articles, etc. Customer and customer demographics are among the factors that

play a role in the extent to which banks enter social networks.

1.3 Types of social media risks

The use of social media may expose companies to numerous business ricks, most

of these risks result from a combination of organizational weaknesses and

vulnerabilities exposed through bad use a data and sharing data.

• Fraud

11 | P a g e
The cases of high-profile hackers who represent themselves as organizations or

companies have highlighted the potential of social networks to commit fraud,

which is more difficult to handle because information becomes "viral" very

quickly in a world where Line and wireless. These cases have had serious

consequences. Hackers who represent themselves on Twitter® as the Associated

Press published a false story about a White House bombing that caused the Dow

Jones Industrial Average to drop about 150 points in a matter of minutes,

representing approximately $ 150 billion in market value. News organizations

have seen their online presence compromised through similar

activities. The risks of social media fraud increase dramatically due to the

decision of the Security and Exchange Commission in early 2013 to allow

companies to make financial disclosures and disseminate material information

through social media platforms such as Twitter® and Facebook ®.

• Loss of intellectual property

Corporate espionage is a thriving business: one estimate is that, among the

1,000 largest companies in the world, espionage generates losses of $ 45 billion

every year. It is an activity that has been made easier in many ways by the growth

of social networks

For example, a corporate spy establishes LinkedIn® relationships with

customers does not intend to disclose a confidential and highly valuable

customer list, but in effect it is. Employees who post on Facebook® or tweet

about an interesting job they are doing may not mean any harm; but a good

12 | P a g e
corporate spy could gather several such data to develop advanced information

about the product of a company that is still in the R&D stage. In one case, the

spies who worked for a security consultancy could predict that a company would

declare bankruptcy based on employee tweets about budget cuts and the fact

that the vice president of operations was looking for work at LinkedIn®. The irony

here is that in some cases LinkedIn® is the only social networking site that banks

do not block for their employees because they believe it is a

“professional networking” site. Finally, they shared non-public information

about their company's income.

• Financial loss due to malware.

Users of social media platforms such as Facebook® often send links to each

other; Links to videos, music, it has become distressingly easy for hackers and

spies to install malicious software on computers when people inadvertently click

on an incorrect link, including, in some cases, what looks like a legitimate

ad. Such malware can cause a variety of pranks, including attracting people to

fraudulent transactions or using hidden software to steal personal data and

information, as well as corporate information that may be on the computer.

Hackers are establishing second Facebook® pages for individuals and

businesses, thus establishing relationships in which someone could disclose

important information. Some other scams have used messaging capabilities

within social media platforms to carry out computer attacks.

13 | P a g e
In other cases, phishing schemes that look like legitimate messages from a social

media company cause users to reveal their password. Many people use the same

password for several accounts, which could mean that someone now has a

password for the person's corporate network.

• Privacy violations.

Social networking sites have experienced security breaches in which confidential

user information was shared publicly. This happened to Facebook® in early

2013, when a software error allowed a program to inadvertently share

information from six million users, such as email addresses and phone

numbers. The violation meant that any company that was using Facebook® to

promote their business could have publicly shared their customers' information.

Another way in which customer privacy can be violated is through a technique

called "data scraping." This is a method to track the activities of people online

and collect personal data from their use of social networking sites and online

sites. In some cases, this is done by research companies that then sell the data

to other companies.

2.1 The components of the effective management of the risk of the social

media.

14 | P a g e
Faced with the risks of social networks and these organizational

vulnerabilities, the risk management of social networks with distinctive activities

in all governance processes and systems. These become the value catalysts to

realize the full potential of a social media strategy. The three main components

are augmented and supported by other activities that have to do with

compliance, culture and leadership, and performance management.

I. Governance.

Governance focuses on the creation of new structures, policies and

responsibilities to manage the risk of social networks, as well as the awareness

of how the organization is using social networks in a strategic and operational

way. Although the general principles of governance are applied in the field of

social networks as with other corporate strategies, some specific differences and

15 | P a g e
permutations in several areas must be taken into account, including the need to

effectively coordinate functions and the need for procedures of well-defined crisis

management that can be instituted at any time.

Governance: Creating new structure and policies for managing structure

risks. An established social media risk management structure including:

• Formally defined roles and accountabilities enterprise -wide and within

exposed functions.

• Coordination among business units.

• Acceptable -use policies for social media.

• Well-defined risk tolerance levels.

• Defined escalation pathways.

• An operating model for crisis management.

2.2 Functions and responsibilities defined for specific types of risks of

social media.

The risks arising from the use of social networks in a corporate environment

expose many different functions and groups to risks, from the fulfillment of

corporate affairs to IT and marketing. These groups must cooperate to combat

their mutual vulnerabilities, which means sharing information and operating in

accordance with consistent policies and understandings.

Part of this shared understanding involves clearly defined roles and

responsibilities. We show a sample or an illustrative governance structure that

provides an idea not only of the reporting lines, but also what role each function

16 | P a g e
can play in the identification, evaluation and management of particular types of

risks. The marketing organization, for example, could focus on brand or

reputation risk, while the legal and audit departments would be responsible for

privacy and fraud issues, respectively.

2.3 Coordination with other business units.

The importance of coordinating the social media strategy itself as a means to

mitigate reputation and business risks. “We occupy a very large real estate

property in the field of social networks, covering all our business units. So, from

that perspective, it is important to have a central group, in our case, the

marketing and branding division, which oversees the social media

strategy.” Larger organizations should ensure that the different units do not

publish conflicting statements. "It is very important to make sure everyone

knows what others are doing.

2.4 Acceptable use policies for social media.

Creating an acceptable use policy for employees (as well as, potentially,

contractors and vendors ; when it comes to social networks does not imply

starting with a blank page, but rather based on existing policies that cover

interaction with the media, public communications, the management of

confidential information and how to protect against misuse of information.

In general, such policy statements should encourage, rather than discourage,

social media activity and help provide strong guidelines and examples of

behaviors that are acceptable and not acceptable.

17 | P a g e
However, among the policies that banks must distrust is how to reconcile the

construction of relationships through social networks with their consequent

risks. A policy among some banks, as noted by the CISO of a US regional

financial institution. UU., Is that the bank does not interact with customers (yet)

through social networks, but only through branches, telephones or banking

channels. This executive said: "It is vital that banks consider the many risks,

including reputation and compliance, that come with customer interaction

through social networks."

2.5 Risk levels of risk of social media defined

Companies with a mature business risk management function are accustomed

to talking about risk tolerance levels. For example, they establish trade limits or,

if they are operating in a country where there are disturbances, they will

establish a level of tolerance for employee safety and when they should withdraw

them.

Similarly, companies must define their risk tolerances for social networks. For

example, if a company wants to foster a more open commitment to the general

public and make many people talk about their brand, that is an opportunity that

carries a greater degree of risk; People who don't know the company very well

will make the publications visible to thousands of people. Another consideration

is about what kind of information you feel comfortable sharing the company on

social networking sites. Do you want to share financial information that

increases transparency, something welcomed by suppliers and contractors but

18 | P a g e
that could also expose information to competitors? In general, it is important for

companies to run scenarios with results of increasing levels of impact to

determine where they want to set limits.

2.6 Defined scale routes and information lines.

It is important to designate, for each key risk category, an individual responsible

for making the final decisions on the risks of social networks, managing the risks

and handling any crisis that may arise. From the risk owner down in the

organizational structure, there should be a clear line of reports, a route of

escalation such that, if a risk indicator appears, everyone knows exactly how the

problem is going to escalate.

2.7 An operational model for crisis management.

In a certain percentage of cases, almost inevitably, "risks" become real problems

that must be addressed. To plan such an occurrence, companies need what the

executive terms of banking social networks, "an operational model for crisis

management." In today's environment, when a customer is not satisfied, they are

now entitled to instantly complain to a large number of people through social

networks; If a large number of people retweet or republish this information, the

bad impression can go viral very quickly.

Two things are especially important in these cases, says this executive. First, for

some types of problems, some messages and responses must be previously

written and previously approved by public relations and the legal department,

so that the answers can be made quickly by approved people who are notified of

19 | P a g e
an incident. Second, for cases where previously approved responses are not

enough, it is vital.

II. PROCESSES

Effective social media risk management processes protect operations and brand

in a cost-effective way, adjusting operations for proactive evaluation and

monitoring of social media risks. Companies are already aware of the importance

of having consistent processes to handle the identification, measurement,

management and reporting of risks. However, such processes will often look

somewhat different in the world of social networks, partly due to the always

active nature of social media platforms.

Processes:

20 | P a g e
Adjusting operating for proactive social media risk assessment and

monitoring. Consistent processes to manage operations while identifying

business opportunities. Processes include:

• Social media risk identification across categories (reputation, intellectual

property, fraud prevention, business disruption).

• Risk assessment reporting and monitoring.

• Cost-effective risk mitigation / transfer.

3.1 Identify the risks of the social media, as well as the opportunities.

Social media risks must be accurately identified in all categories, for example,

reputation, intellectual property, fraud prevention and business disruption.

Risk identification is based on the guidance established in the governance

discussion of this document. That is, identifying risks properly requires knowing

what the company's risk tolerance levels are for different activities. It means

being familiar with policies to fully understand what the company's attitudes

are. And it means understanding the roles and responsibilities to bring together

the right people to define the risks properly and accurately.

Part of the risk identification is identifying business opportunities. For example,

given the known strengths and weaknesses of risk in your institution's social

networks, what could be done in the form of new products, services, product

development associations, etc.? What are the opportunities to reduce costs or

reach customers in new ways? Risk management, after all, is not about

21 | P a g e
suppressing profit-generating activities, but rather about properly directing

those activities.

3.2 Evaluation and reports in the risk of different functional perspectives.

The illustrative governance structure, another way of understanding the

responsibilities of individual functions is to say that they are in charge of

collecting information, monitoring the risk environment and paying

Attention to early warning signs that indicate something might go wrong. The

methodology used may differ depending on the function because it involves

different channels and platforms. A human resources director might be paying

attention to sites like LinkedIn®, while legal could be monitoring email traffic to

see if liability issues arise. Marketing would be monitoring several platforms to

understand how customers use or discuss the brand.

However, in each case, what is consistent is that the companies are identifying,

evaluating and managing the risk and then reporting this to a social media risk

manager that consolidates the information, scales any problem and effectively

audits the process. Used by the various functions. The risk manager works to

ensure that the groups are monitoring the activities with the correct frequency

and that the data and reports they provide are of high quality.

3.3 Continuous risk follow-up

22 | P a g e
Top management should receive the appropriate information with the

appropriate frequency to manage the risks of social networks in an appropriate

manner. However, risk monitoring is a more complicated process in the world of

social networks than with more traditional transactions and

communications. Social networks are always active, especially for a global

business, so monitoring must in effect be continuous.

One of the benefits of social media monitoring is the early identification of

problems that can lead to increased commercial risk. For example, if you receive

500 tweets on a particular topic, those people cannot know each other, so it is

an indication of a real problem that you can then quickly solve. With tweets, you

can also identify a general geographic area, which also helps identify where the

problem is occurring.

Some companies are leveraging technologies to increase real human

monitoring. Web crawlers can be implemented using sentiment analysis

technology to find references to a company, to infer whether the reference is

positive or negative and in what context, for example, the attention to the

customer, product quality and inform. In this way, reputational risks can be

identified faster, and counter actions implemented quickly.

Other technologies are now helping companies monitor employee activity on

social networks to assess business risks. For example, many financial

institutions are looking for more compliance-related tools that prevent an

23 | P a g e
employee from saying something on social media that violates a particular

regulation.

You can use business support platforms and manage social media channels:

• Control access to applications, including authorizations.

• Monitor the content of social networks to protect the value of the brand

and ensure data security.

• Capture social media conversations in context to provide more solid

information.

• Quick search of all captured content, which supports legal and discovery

queries.

• Archive all captured social media activities to support compliance with

regulations.

The ability to stop the risky activity of social networks before it becomes a

problem is an important feature, for example, let's say a customer sends you a

tweet with a problem with your business credit card, and you respond and

say that if you have problems with your credit card, call this number, that tweet

will be locked and redirected to monitoring. In this way, a bank knows if the

tweet was a promotion or if it indicated a problem with the service.

3.4 Mitigate and transfer risks in a profitable way.

24 | P a g e
A key objective of effective risk management is to reduce the likelihood of risks

occurring, as well as to improve the capabilities and capabilities of the

organization: people, processes, technologies and structures. However, it can

also mean transferring part or all of the risk to another party. This could mean

insuring against him, providing compensation in case of damage to the brand or

protection against the liability of the directors.

If companies have adequately analyzed where the risks are, what are the

indicators and what is the level of risk tolerance, that should provide a solid

guide on whether to mitigate or transfer the risk.

3.5 Capture of social media data.

25 | P a g e
Several tools are now available that allow companies to extract data through

social media platforms and search for particular types of information. Web

crawlers, mentioned above, can extract data from users of social networks.

III. SYSTEMS

Such monitoring now depends largely on advanced technology. Improving the

effectiveness of IT systems in the context of social network risk management is

primarily about improving data management and analysis and the use of new

technologies to monitor social networking sites as a means to mitigate the

risks. Large amounts of data are now on social media platforms, so companies

need and want to manage that data effectively.

Systems: Managing data effective and leveraging new technologies to mitigate

social media risks. Effective use technologies to improve data management and

the monitoring of social media activity, including:

• Social media data mining and capture (analytics, web crawlers).

• Text analytic engines.

• Data security and storage.

• Reporting and dashboards.

4.1 Capture of social media data.

Several tools are now available that allow companies to extract data through

social media platforms and search for particular types of information. Web

crawlers, mentioned above, can extract data from users of social networks. Data

26 | P a g e
mining and analysis can turn the apparent randomness and chaos of millions of

publications and tweets into information to guide marketing specialists and

business strategists.

4.2 Text analytical motors.

While trackers and other tools collect information or extract it, text analysis

engines find significant patterns in the data to provide information. These

engines can also segment information to support better decision-making:

decisions based on hard data, especially unstructured or "large" data.

4.3 Security and data storage.

Social media regulations and technologies present new challenges for data

storage, challenges related to architectures and security. These challenges are

complicated by the fact that social networks generally rely on third-party cloud

applications, which means that a company cannot control the security of those

applications.

4.4 Reports and control boards.

When data has been extracted, analyzed, organized and stored effectively, this

allows companies to report more effectively and in a timely manner. The most

complete reports can gather multiple dimensions of performance in a control

panel, which helps management analyze the factors and see where the

vulnerabilities and risks are, and then make better decisions.

4.5 Social media monitoring services for a global bank.

27 | P a g e
This important financial institution had a sophisticated monitoring capacity for

traditional media, such as newspaper coverage. However, he needed the ability

to adapt his risk management approach in light of his passage to social networks.

5. Enablers of effective social media risk management.

A number of capacities underline governance, processes and effective risk

management systems for social media. In addition to a focus on leadership and

cultural change.

5.1 Conscious risk culture.

One of the critical points to remember about risk management is that, despite

the importance of governance, processes and technologies, much of risk

management still depends on people and, therefore, behaviors of people must be

managed. In the words of a social media banking executive. Mitigating the risks

28 | P a g e
of social networks is not just about technology. You can install as many firewalls

as you want, but people should still know the risks and understand their role in

mitigating them.

Consequently, one of the key factors that distinguishes the best social media risk

managers from their peers is their commitment to create and instill a risk-aware

culture: an awareness of how the company is exposed to the risks of social

networks and what each individual should do to help manage those risks. It is

also important to carry out more detailed tacit knowledge and training

throughout the corporate culture.

5.2 Making this happen requires that employees

• Know the rules and guidelines;

• Adhere to those rules and guidelines; and

29 | P a g e
 • Be responsible for their performance.

Promoting a more risk-aware culture also requires an adequate establishment of

clear objectives, roles and responsibilities, adequate training and

communication and, most importantly, a unified message from senior

management that demonstrates its importance.

More specifically, adequate awareness and management of risk exposure comes

from an appropriately integrated operational model that links the legal function

(for the interpretation and guidance of regulation), compliance (for the design

and implementation of the program), the operational risk (for adequate control

and governance), chief business (for implementation and accountability),

internal / external audit (as a third line of defense and testing) and technology

(for automation and prevention controls that reduce human error ). The effective

management of all these moving parts does not happen overnight or as a single

exercise but operates in a cycle of continuous improvement.

Leadership and sponsorship are equally important to create a culture in tune

with the risks of social networks. A story told by one of our respondents is a

reminder that it is important to consider the generational differences that will

persist, at least for a while, when it comes to social networks and leadership

5.3 Performance management and measurement.

Integrated risk performance management is essential for leadership at all levels

to have a comprehensive view of the risks of social networks, their impacts and

30 | P a g e
their ability to be mitigated or controlled. A framework for effective performance

measurement in a social network risk management context includes:

• Risk identification (emerging / emerging / realized) through data mining,

trend analysis, systems and security.

• Inform about risks (visibility, responsibility, awareness).

• Risk management (policies, procedures, preventive and detective

controls, transfer or distribution of risks).

• Measurement of risk mitigation performance (benchmarks, key risk

indicators and key performance indicators). • Identify opportunities to

improve control effectiveness, reduce exposure and automate processes.

With effective measurement and control capabilities, risk management

procedures and a risk-aware culture, companies should be positioned to exploit

future opportunities to take advantage of social networks as a customer channel.

6. Conclusion and Recommendation

31 | P a g e
 • The most important and most difficult aspect of controlling social networks

focuses on cultural awareness and change. Setting appropriate

expectations and participating in a culturally conscious implementation

can have a great impact on the risk control of social networks.

• Establish the leadership of influential leaders in sponsorship positions to

raise awareness and acceptance of the organization's overall monitoring of

the use of social networks.

• Social networks can offer considerable advantages for financial

institutions and most other types of companies. Listening is absolutely

critical for any company that wants to take social networks seriously:

listen to what people tell them and what they say about them. It is very

important to have the ability to analyze who says what and then be able

to deepen it, establish reliable relationships and improve the business at

the same time.

• The use of social networks is a serious risk inherent: reputational,

commercial, strategic, regulatory and more. To mitigate these risks and

gain more value from a social media strategy, companies must institute

unique governance structures, processes and technologies to meet the

challenges of social media.

Miami, Florida November 27, 2019.

32 | P a g e
References and Bibliography

• Clup. Steve. A comprehensive Approach to Managing Social Media Risk and

Compliance.

• Social Media Governance Managing Social Media Risk.

• Walsh, Karen. Effective Social Media Risk Management.

• Zeng, Daniel. Social Media Analytics and Intelligence. December 30, 2010.
IEE

• Tran, Linh. Social Media and Project Management. Monday, 29, June 2015.

33 | P a g e