AUDITING SOCIAL MEDIA

Auditing Social Media

Marrysa Prijadi Tjahja

1901466931

Sumber Gambar : https://www.google.co.id/search?q=AUDITING+SOCIAL+MEDIA&source=lnms&tbm=isch&sa=X&ved=0ahUKEwidmPOKqbjTAhWMQY8KHWAxAhsQ_AUIBygC&biw=1094&bih=438#imgrc=pgN_mrpWBUVniM:

New inventions are created every day. Some fail and go nowhere, while others revolutionize the world and change the way people live. Most would argue the Internet is among the inventions that did just that. The Internet has transformed the way people communicate like nothing before, which is largely the reason for its success and sustainability. It is a mechanism for information sharing and a means to collaborate and interact with individuals without regard for physical location. In the 1990s, the World Wide Web became popular, and it was then that many organizations made the business decision to have a presence on the Internet by creating their own websites. It was seen as a way to increase a company’s competitive advantage. Before then, the Internet was limited to education, research and the government.

As early as 1994, social media was born. However, it was not until 2006 that social media became hugely popular. This popularity is not only among individuals. Today, businesses are getting in the game because there is a clear competitive advantage to using social media. The concern now is if the risk and the associated safeguards are understood.

As of December 2015, Facebook had surpassed 1.5 billion monthly active users. In March 2016, Twitter reported 320 million monthly active users. Instagram’s September 2015 figures indicated 400 million users and more monthly active advertisers (200,000 vs. 130,000) than Twitter. With the popularity of social media, it is no wonder that many companies have decided to take advantage of this technology. Some have even stated that social media is the most powerful tool for marketing in today’s environment. As with the Internet, the business community has once again seized the opportunity this technology brings.

Benefits and Risks

There are many reasons why businesses can benefit from social media: They can gain valuable customer insights, increase brand awareness and loyalty, run targeted ads with real-time results, generate higher converting leads, provide rich customer experiences, increase website traffic and search ranking, find out what competitors are doing, share content faster and easier, geotarget content, and build relationships.

However, what is not so popular and well known is the risk of both the Internet and social media to the enterprise. The potential for the risk of hackers accessing the company’s information assets in an effort to steal or damage these resources automatically increases each time a company makes the decision to connect their corporate network to the Internet.

For most enterprises, being connected to the world’s largest network and the resulting increase in the organization’s visibility are seen as being worth the risk; the same applies to social media. Having a presence on social media and allowing access to such sites on the company’s computer resources are seen as being well worth the risk.

Performing the Audit

When performing an audit of social media, the auditor should consider whether the enterprise has a policy in place that clearly denotes what is acceptable and unacceptable use of social media. The auditor should also ascertain whether this policy is in alignment with the overall strategic plan of the organization. The organization should have detailed procedures or a training plan explaining how to comply with the policy. This training should be accessible and possibly mandatory to employees, depending on their role in the organization. The auditor should also obtain an inventory of the enterprise presence on all social media sites and determine if there is monitoring for each instance in place. The following are a few key steps in performing a social media audit:

• Determine if a risk assessment to identify inherent risk associated with this form of technology was performed.
• Determine if social media information has been included in the data classification process.
• Determine if there is a policy in place explaining the acceptable and unacceptable use of social media on the enterprise’s electronic resources.
• Determine if social media access is covered in the access management procedures.
• Determine if antivirus software is implemented with the appropriate settings to mitigate risk associated with social media.

Sumber Penulisan/Daftar Pustaka : https://www.isaca.org/Journal/archives/2017/Volume-2/Pages/auditing-social-media.aspx