1 Social Media s Effects on Internal Auditors for IIA Nashville Chapter April 6, 2011 Chase Whitaker, CPA, CIA
2 Session Objectives Introduce / review social media tools Discuss social media applications for business and internal auditors Discuss the state of social media policies and their implications for organizations Provide resources to advance the conversation about social media
3 Stats/Visits 150 million blogs: 84% of social network sites have more women than men 140 million tweets on Twitter per day million users on Facebook. 50% of Facebook users log-in every day 2 billion videos YouTube serves in one day 12.2 billion videos viewed per month on YouTube in the US (11/2009) 82% of embedded videos on blogs are YouTube videos
4 Auditors Dig Numbers, Right? 40% of organizations blocked social media sites in % believe social media can enhance customer relationships and build brand reputation 60% believe such tools can enhance recruiting 53% of employees say their social media pages are none of their employers business 60% of employers believe they have right to know how employees portray themselves on-line Source: and & 2010 Ethics & Workplace Survey
5 Is the organization linked in? Survey: Organizations in the dark about tech-savvy employees Effects on recruiting, retention ti & efficiency? i 50% of devices used by employees co-mingle personal and business data About 33% of organizations plan to fund employee purchases of devices The-Dark-About-TechSavvy-Employees
6 Is the organization linked in? 33% of organizations say use of consumer tech is relevant in workplace yet 80% of employees say consumer tech devices are important to their doing business Business use of Facebook, Twitter, Blogs expected to grow 10-30% over next 12 months yet 40% of organizations don t have social media policy The-Dark-About-TechSavvy-Employees
7 What does your organization do? Market and Sell Support existing customers Hire and Develop People Manage Risk Other organization-specific objectives
8 Does use of Social Media align? Listen first Do good things Share and add value Don t spam Be authentic Give more than you get Market & sell Support existing customers Hire & develop people Manage risk Other organizationspecific objectives
11 LinkedIn LinkedIn is used by 80% of companies as primary source of recruiting new job candidates. LinkedIn Discussions Examples: Project Management Institute Nashville Association of IT Professionals Nashville TeamMate Community
12 LinkedIn Groups Link
13 Tweeters with accountability themes Compliance Week Francine McKenna SAP/Business Objects Norman Marks ACL s Peter Millar Joe Oringel Jim Kaplan David Hoelzer Richard Chambers IT Audit Security
14 Really? They re on Twitter? Industry Groups Natl Assn of Insurance Commissioners Association of Certified Fraud Examiners TheACFE) Institute of Internal Auditors ISACA and many chapters Media Forbes Wall Street Journal CFO Magazine Authors / Leadership / Creative Thought Phil Baumann John Maxwell
15 Facebook Recruiting Research / knowledge sharing Building community / loyalty How NOT to use Facebook Personal? Private? Or is it Public?
16 Challenges & Risks Sensitive/private information leakage Reputational damages Litigation (e.g. discrimination, harassment) Compliance / disclosure (e.g. SEC, HIPAA) System uptime/consistency Impact on organization s IT bandwidth Employee productivity it
17 Information Security Risks Viruses, trojans, spyware, malware, and other not-sogood-ware Cross-site scripting (XSS for the IT peeps) URL shorteners what s on the other end of that weird link?
18 Regulatory Guidance Healthcare: HIPAA risks of private data leakage Health Information Technology for Economic and Clinical Health (HITECH) Act Financial i Services: Financial Industry Regulatory Authority (FINRA) 18
19 Regulatory Guidance FINRA Regulatory Notice Firms must retain social media communications And you thought archiving was hard??
20 The question being raised is whether or not activity on sites like q g y Twitter, Facebook and LinkedIn need to be archived and available for records requests.
21 Legal Ramifications? LinkedIn recommendations Whose is it? Individual vs. organization Facebook friends Employees friending competitors Employees friending former employees
22 A good social media policy Adhere to the Code of Business Conduct and other applicable policies You are responsible for your actions Be a scout for compliments and criticism Let the subject matter experts respond to negative posts Be conscious when mixing your business and personal lives A simpler policy: Do the right thing. Be nice. Source: The Coca-Cola Company
23 LinkedIn Discussions Scenario: Help. I m a staff IT auditor at XYZ in New York, and I ve been assigned to do an information security audit of Acme Technology, one of our third-party vendors. Fill in the blank with the nightmare of your choice Does your organization have a policy on posting questions or answers to groups?
24 Is your organization linked in? Does the organization have a strategy for use of social media? Review social media policy if it exists Who is monitoring organization s name on social media sites? Who is coordinating any responses by the organization? Is there one/few dedicated social media managers?
25 Is Internal Audit linked in? Can internal audit help with text mining queries? Can your internal audit attract greater number of qualified career applicants? Can internal audit help shape/influence social media policy?
26 Social Media Policy Help with development of policy if it doesn t exist Information Technology department Legal Human Resources Ethics/Compliance Central/Corporate vs. Business-level policies
29 Follow, Friend or Connect Me! Chase Whitaker twitter.com/43chase linkedin.com/in/chasewhitaker43 Old fashioned but classic way: (615)
30 Available from IIA bookstore Chapters Overview Corporate Strategy Monitoring & Measuring Policies Risks Governance The Audit
31 FREE White Paper! Organizations encouraged to address risks in these areas: Viruses/malware Brand hijacking Lack of control over content Unrealistic customer expectations of Internetspeed service Non-compliance with record management regulations
32 Wanna go techie? Volume 1, 2011 Article: Chain Exploitation Social Networks Malware
33 Social Media Policy Examples Collection of policies from various organizations: publications/social- media-policies/ Colleges & Universities Vanderbilt University Financial Services: Wells Fargo
34 Social Media Policy Examples Mayo Clinic employees/ ees/ Cleveland Clinic policy.aspx Danbury Hospital Us/Policies/Legal/Blogging-Policy.aspx
35 Social Media Policy Examples Healthcare: MD Anderson www2.mdanderson.org/cancerwise/policies-and- guidelines.html Retail: Nordstrom policies/social media guidelines.asp Retail: Best Buy
36 Social Media Policy Examples Local Government: City of Seattle Federal Government: CIO.gov cial_media_v01 v01-0.pdf0.pdf Non-Profit: Walker Art Center alkerblogguidelines
Guidelines for University Communications and Marketing Professionals These guidelines were created by Penn State's Division of University Relations. For more information, contact Lisa M. Powers, director,
State of Social Media Infrastructure Part III A Compliance Analysis Fortune 100 Social Media Infrastructure White Paper State of Social Media Infrastructure Part III 2 Executive Summary Nexgate performed
A Forrester Consulting Thought Leadership Paper Commissioned By Trend Micro Key Strategies To Capture And Measure The Value Of Consumerization Of IT Enterprises Achieve A Wide Range Of Benefits By Deploying
a report by harvard business review analytic services The New Conversation: Taking Social Media from Talk to Action Sponsored by Conventional marketing wisdom long held that a dissatisfied customer tells
Social Media in Recruiting Using New Channels To Source Talent Benchmark Research White Paper Aligning Business and IT To Improve Performance Ventana Research 2603 Camino Ramon, Suite 200 San Ramon, CA
Cyber Security Planning Guide The below entities collaborated in the creation of this guide. This does not constitute or imply an endorsement by the FCC of any commercial product, service or enterprise
John G. Stumpf, Chairman, President & CEO The Vision & Values of Wells Fargo 2 Regardless of our growing size, scope and reach, our common vision and distinct values form the fabric that holds us together
CODE OF CONDUCT Living Our Values Around The World Colgate s Code of Conduct sets forth our principles for working with each other, outside businesses, consumers, governments, local communities, and shareholders.
Review of Industry Trends & Forecasts!" # $% & ' ( ) "" (!% How many squares to you see? Answer? *+, -*./ *.0 #*12 Answer? *+, -*./ *.03 #*12 How many squares to you see? /4/5+.4.5/ 14152 +4+5+, Changing
BOOST YOUR SALES WITH ONLINE MARKETING A GUIDE FOR ENTREPRENEURS ANNIE BELLAVANCE COFOUNDER SOURIS MINI 2 Table of Contents BDC.ca BOOST YOUR SALES WITH ONLINE MARKETING Introduction ONLINE MARKETING THAT
Social Recruiting How to Effectively Use Social Networks to Recruit Talent Introduction As a recruiter, you want to find the most qualified, talented, and largest pool of applicants. LinkedIn, Facebook,
Advanced Techniques for Work Search Target your work search Develop your network Market yourself effectively Stand out in an interview Government Career Practitioners This workbook was developed to help
A REPORT BY HARVARD BUSINESS REVIEW ANALYTIC SERVICES Meeting the Cyber Risk Challenge Sponsored by ABOUT ZURICH INSURANCE GROUP Zurich Insurance Group (Zurich) is a leading multi-line insurance provider
HR Managers Focus on Recruiting Experience as War for Talent Intensifies In today's competitive market for quality talent, it s just as important for the business to make a lasting impression on candidates
I N S I D E T H E M I N D S Business Due Diligence Strategies Leading Lawyers on Conducting Due Diligence in Today s M&A Deals 2014 EDITION 2014 Thomson Reuters/Aspatore All rights reserved. Printed in
What Every HR Manager Needs To Know About Online Recruiting TABLE OF CONTENTS Introduction.. 4 Trends in Internet Recruiting: Why You Need an Online Strategy...4 First Things First: Improve Your Company
A Forrester Consulting Thought Leadership Paper Commissioned By salesforce.com The Five Imperatives To Delivering Great Customer Service May 2013 Table Of Contents Executive Summary... 2 1. Customer Experiences
Tapping into the Recruiting Power of Existing Power Employees Tapping into the Recruiting of Existing Employees a Recruiting Trends white paper, sponsored by Tapping into the Recruiting Power of Existing
Getting the most from social: An integrated marketing approach Foreword Matt Glasner General Manager, Experian Marketing Services How does social media fit in as part of a true multichannel marketing strategy?
In My Good Hands... SM The AllsTATe Code of Ethics 1 THE ALLSTATE CODE OF ETHICS Allstate s values and principles are the foundation for Our Shared Vision. They form the foundation for everything we do
Social Networking and Small Business: An Exploratory Study Ruben Boling Max Burns Geoffrey Dick North Georgia College and State University ABSTRACT This paper reports the results of a study of small businesses
New York State Office of the State Comptroller Division of Local Government and School Accountability LOCAL GOVERNMENT MANAGEMENT GUIDE Information Technology Governance Thomas P. DiNapoli State Comptroller
The small business revolution: trends in SMB cloud adoption 02 Trends in SMB cloud adoption Trends in SMB cloud adoption 03 Gartner analysts predict cloud services will grow to $244 billion by 2017 1 05
Guarding the Social Gates: The Imperative for Social Media Risk Management August 9, 2012 By Alan Webber With Charlene Li and Jaimy Szymanski Includes input from 42 ecosystem contributors Executive Summary
Yahoo s Code of Ethics Winning with Integrity Winning with Integrity Yahoos, Yahoo is the place where millions of people go to see what is happening with the people and the things that matter to them most.