A successful, implementable governance model should always follow a multi-pronged approach that focuses on managing processes, policies and people at the strategic, tactical and operational levels.
Strategic: Strategic tasks include providing direction to the overall program, aligning with business objectives, periodic health checks, conflict resolution and issue escalation. At the strategic level, the executive team should consist of business heads, the executive sponsor, legal counsel and a regulatory compliance representative. This committee should meet periodically to review performance against target goals.
Tactical: Tactical tasks include planning and defining policies and rules based on data sensitivity. The team is responsible for creating and managing processes for collaboration and communication within the organization. At the tactical level, the team should consist of collaboration strategist, line managers, HR, IT and legal representatives. This team participates in review meetings at defined intervals to gauge the program performance and compliance metrics.
Operational: Operational tasks include day-to-day tracking, risk and issue management. At the operational level, the team should consist of department leads and tech support to monitor employee engagement and compliance with the governing policies. This team should participate in weekly review meetings to assess/address the risks and other issues.
The nature of financial, health care, insurance and defense industries implies the non-negotiable need for high levels of regulation. In these stringent environments with strict controls on policies and procedures, leveraging social media platforms to increase collaboration among employees is challenging. To succeed, there is a need to establish well-defined processes, policies and codes of conduct to help employees use these social networking tools. The other dimension that adds to complexity is hosting environments - on-premise or hosted. It is equally important to ensure that all of the policies and procedures adhere to industry-specific acts like FINRA, HIPAA, HITECH, AIA (export control, IPR and copyright etc., policies), etc.
Here are five key areas, identified by Naresh Gandesiri of IT management firm Virtusa Corporation, that organizations functioning in highly regulated environments should consider while setting up a social media platform.