2. About Jim Kaplan, CIA, CFE
2
• President and Founder of
AuditNet®, the global resource
for auditors
Auditor, Author, Web Site
Guru, Internet for Auditors
Pioneer
Recipient of the IIA’s 2007
Bradford Cadmus Memorial
Award.
3. Agenda
• Professional networking ‐ it’s not all digital!
• Social media and social networking
• Responses to social networking
• Social Networking and Professionals
• Best Practices
• Social Media Risks
• Internal Audit’s Role
• Adding Value for Audit
4. Principles of Professional Networking
1. Make networking a part of your written strategic plan
2. Work an event, not just a room
3. Make a professional first impression
4. Create a 10‐15 second verbal business card filled with
benefits networking with you
5. Adapt your verbal business card to a short e‐mail
signature to continue to establish your brand
6. Start conversations with open‐ended questions
7. Master the art of small talk about your industry and
timely topics
8. 10 Minute Work a Room Rule
9. Follow up
10. Give more than you get
7. Social Media Defined
What is Social Media?
• Web‐ and mobile‐based technologies used to disseminate information and solicit
feedback on a real‐time basis which are used to turn communication into
interactive dialogue among organizations, communities, and individuals
• A group of Internet‐based applications that build on the ideological and
technological information of Web 2.0… allows for the creation and exchange of
user‐generated content
• Social media expedites conversation in contrast to traditional media, which
delivers content but doesn't allow readers/viewers/listeners to participate in the
creation or development of the content.
• Example of social media include internet forums, weblogs, social blogs,
microblogging, wikis, social networks, podcasts
9. Why is it so popular?
• Community ‐ allows people to join together based on common interests and
values.
• Transparent – when used properly it can project authenticity
• Engaging – communication channel opening dialogues with many individuals
• Borderless – the world is flattening and we are no longer restricted to connecting
with only those who are close
• Creative – fosters innovation and expression
The Pew Research Center found that’s the “major reason” given by six of every 10 users
of Facebook, Twitter or LinkedIn. And half of the people surveyed said the ability to
reconnect with old friends played a “significant role” in using social networking.
10. Professionals and Social Networking
• 10 Reasons for auditors to use social networking tools
1. Network with other auditors for advice on issues
2. Get answers to audit technology questions and issues
3. Benchmark best practices
4. Share (reports, programs, issues)
5. Share methodologies
6. Foster one to one and one to many communications/discussions1
7. Research audit and technology issues using advanced search skills1
8. Establish a dialogue with your professional network1
9. Establish knowledge feeds1
10. Gain knowledge for risk, control and audit of social media
Auditors need to be plugged into social networks to stay current with professional
issues and the latest tools and technologies!
Jim Kaplan
1 core competency for digital literacy
12. Social Media Options
• LinkedIn
• Facebook
• Twitter
• YouTube
• Blogs
• Discussion Forums
• According to survey by CEO.com ‐ Social media will become one of the two most
important forms of engagement with employees and customers, second only to
face to face interactions.
18. Social Media Risks and Controls
• Risks
– Employees or non‐employees creating a social media page representing your company
without management/IT consent or approval
– Trade secrets or other business secrets being inadvertently or even deliberately shared
– Dissatisfied customers or disgruntled employees voicing their opinions freely
– Viruses, spyware and network vulnerabilities occurring due to the interactivity and open
nature of social media architecture
• Controls
– The extent to which social media will be officially sanctioned by the organization
– Who is allowed to use the social media sites
– How users gain approval to use the social media sites
– Standards/policy of social media use inside and outside of the workplace
– Brand monitoring and legal involvement
– How to report false pages
19. Internal Audit’s Role
• Understand how social media is being used within the organization
• Review social media policies
• Conduct a social media risk assessment
• Ensure that controls are in place to address social media risks
• Records retention issue
• Audit Reports
– Social Media Review by Multnomah County August 2011
– GAO SOCIAL MEDIA ‐ Federal Agencies Need Policies and Procedures for Managing and
Protecting Information They Access and Disseminate
http://www.gao.gov/new.items/d11605.pdf
Social media is now embedded in our personal and business culture and auditors need to
know the what the risks and controls are, how to audit this new communication tool and
also how to adapt it for use within the audit environment.
Jim Kaplan, AuditNet®