"Trust, but verify" - How do you encourage use and innovation without increasing risk?

Community Topic(s):

Keywords: ECM, ERM, generation next, compliance, texting, Twitter, social networking

I find myself answering questions about many E2.0 technologies with my Compliance voice. Why are you asking me, "Can we use LinkedIn? , When we post an opening on a blog do we have to keep track of all the comments? , What is the policy on ... ? " These questions always seem to bring me to the same statement, "Trust, but verify" - R. Reagan I always encourage the expansion of capabilities and freedom to the communities of business partners I work with every day. But I also recommend a method for verifying that they are being used for their intended purpose. That the trust given is warranted. The verify recommendation can be as simple as reminding people about their responsibilities as representative of the company. It can also be as strong as a capture and review process where the business environment warrants it. How do you keep this balance?

Report

Add a Response

You need to log in to post messages. Click here to login.

Responses

I'd like to pose that you can't encourage use and innovation without an increase in risk, but you can limit that risk increase with a proper governance document. Have all users sign the governance document and then keep them up to date on updates and at regular intervals remind them of policies.

Report
Was this helpful? Yes No
Reply

May be have people trained on best practices? I agree that its a thin line.

Report
Was this helpful? Yes No
Reply

I would say that the answer is title already. You do have to trust but also verify. Every new tool that we have at our disposal raises new questions. Even when we got the mobile and later on the mobile phone we gave people powerfull way to communicate.

The biggest difference now is that the memory of the tool is lot longer than that of the phone and it might not be in our hands. The first step in my view is making people aware of the dangers of this new tool along with the benefits. Training and governance documents play a role in this.

If the tools are to be used inhouse or for corporate reasons a bit more verification would not hurt. If people blog about work on their own blogs, that is potentially dangerous as well but turning into a police state by checking all of your employees blogs is not really an option. Making them aware of their responsibilities and making it part of the employee guidelines should suffice here.

Checking company wiki's and blog should not be a daytask either but it is more than justified to spot check these from time to time to check the quality of the content.

Report
Was this helpful? Yes No
Reply

I read this interesting article about creating and sustaining trust a few days ago by Lokesh Datta: http://allcollaboration.com/home/2010/4/28/collaboration-building-and-managing-trust.html

Report
Was this helpful? Yes No
Reply