Risk management practices are designed for controlling, transferring or mitigating risk using different approaches to a variety of organizational risk. When new risk emerge management of related issues may need new approaches not contained in the traditional risk management playbook.
A risk is any possible situation that is not planned for but that, if it occurs, is likely to negatively impact results.
The aim of Risk Management is to predict risks, assess their likelihood and impact, and to actively plan what should be done ahead of time to best deal with situations when they occur. We are all familiar with the results of not planning for potential risk, BP's oil spill.
The risk management process usually occurs in five distinct steps, risk management planning, risk identification, risk analysis, risk response planning, and risk monitoring and control. The central point of risk identification and assessment in risk management is understanding the risk. However when a new risk appears, which is not clearly understood, it becomes difficult to plan, measure or control the risk.
Emerging Social Media Risk
Everyday we are beginning to see typical approaches to emerging risk, trying to control them through legal remedy. Consider:
- Can your boss read your text messages on a pager or phone the company pays for? According to a California Supreme Court ruling the answer is, yes. The high court ruled that a California Police department had the right to read text messages sent on a work-sanctioned cell phone.
- TEKsystems, a Maryland IT staffing firm, sued an ex-employee, charging the former employee violated the non-compete provision of her employment contract by soliciting her former co-workers on LinkedIn.
- The doctor behind the Cookie Diet has sued celebrity Kim Kardashian for allegedly defaming him in on Twitter.
- a 17-year old New York teen was sentenced for negligent homicide due to a Facebook posting. The sentence was six months in jail with five years probation.
- Online writers and bloggers are not protected under the 1st Amendment rights extended to protect journalists working for newspapers and magazines. Thus citizen journalist, and entire organization, are exposed to lawsuits for defamation of character for posting derogatory information about anyone, anything and everything.
There are hundreds of other examples emerging every month which are indicative of risk not understood by organizations and people. However, use of social media has opened up legal issues in the areas of privacy, intellectual property, identity theft, defamation, and self-incrimination. Privacy has become an illusion because it is the cost of admission. Intellectual property is costly to protect and difficult to tract abuse. Identity theft is everywhere. Defamation and self-incrimination are results of a lack of knowledge and understanding. All of these issues create new risk and with risk comes additional cost if the risk aren't managed appropriately.
The use and abuse of using social media is and will continue to create relevant risk for organizations and people. You can react to risk by using expensive legal remedies, sue them. You can try to control the risk by trying to dictate related behavior, dictating behavior doesn't work. Transferring risk does not reduce them. Mitigating can only be accomplished through proper education. Education and knowledge provides the means for self-control to those interested in reducing their own risk. Advanced social risk management practices are about obtaining relevant knowledge and putting knowledge into proper action.
Expecting the market of humans enabled to say anything about anyone anywhere and anytime to not do stupid and risky things is like expecting the human race not to sin. Sin and stupidity are part of the human DNA.
Risk are caused by not only to what people do with social media but more are caused by how you respond to what people say and do. Consider your risk and respond by thinking first.