- مبلغ: ۸۶,۰۰۰ تومان
- مبلغ: ۹۱,۰۰۰ تومان
Social media use within the workplace is widespread; however, little is known about how organizations actually manage social media risk. We use the Committee of Sponsoring Organization's Enterprise Risk Management – Integrated Framework (COSO, 2004) to develop a social media risk management model (SM-RMM) that includes four components: (i) social media use, (ii) perceived risk of use, (iii) policy implementation, and (iv) training and technical controls. We utilize the model to examine whether the manner in which organizations address social media risk is consistent with a formalized risk management process. Survey data from 98 risk management, audit, and finance professionals shows that the extent of organizations' social media use increases the perceived risk of social media use. In addition, the effect of the extent of use on the implementation of social media policies is greater for organizations with higher levels of perceived risk of use. Finally, organizations with more extensive social media policies have more extensive training and technical controls. The study's findings indicate that organizations are adopting social media policies and controls in a reactive fashion, as opposed to using a formalized risk management process. This may unduly expose organizations to social media risks. Our model provides a framework for future research on social media risk management.
Social media use has emerged in recent years as an important way for organizations to communicate with customers, investors, employees, and other stakeholders. As technology continues to advance, the importance of social media cannot be understated. While organizations benefit from social media, they are only starting to become aware of the risk associated with its use in the workplace (DiStaso and McCorkindale, 2013; Larcker et al., 2012; Russell Herder and Ethos Business Law, 2009). The practitioner literature suggests that a majority of organizations may be following a reactive approach to social media risk management, as opposed to the proactive approach indicated by risk management best practices (Larcker et al., 2012; Scott and Jacka, 2011). However, there is little academic research addressing this issue. To close this gap, this paper develops and tests a set of hypotheses based on the assumption that organizations follow a reactive approach to managing their social media risks. Drawing from the risk management principles of the ERM-IF, we develop a model that incorporates four components: (i) social media use, (ii) the perceived risk of use, (iii) policy implementation, and (iv) training and technical controls. We tested the model by surveying risk management, audit, and finance professionals. Results from 98 participants confirm predictions that social media use increases the perceived risk of use, the perceived risk of use moderates the effect of social media use on policy implementation, and that policy implementation increases the extent of social media-related training and technical controls.