Social media is here to stay with some analysts predicting that by 2016 as many as 40 per cent of enterprises will use social media as a customer service channel. The power and reach of social media can affect a whole organisation. In this area is where the saying ‘It takes a lifetime to build a good reputation, but you can lose it in a minute,’ is most true. The main problem is that the communication channel is inherently disparate and very individual The instant spread of bad news or a negative incident via social media can affect companies greatly. The culprit can come from inside, outside or be the consequence of carelessness. To manage social media normal risk assessment rules apply: identify, record and mitigate. The first step is to identify potential risks, in the case of social media these include: confidential information being shared by employees or employees defaming the company through their personal accounts; loss of control or ownership of the organisation’s social media accounts; failing to respond to negative posts or responding in an inappropriate manner or neglecting to listen to the social media dialogue. A lack of attention to detail in terms of knowing how usernames and passwords are being shared means that in the event of something going wrong no-one is accountable or traceable for posting the offending content. The lack of an audit trail makes it difficult to identify who and why a damaging internal post has appeared. Likewise, is it clear who is responsible for replying to external negative comments and in what tone? Adding fuel to the flames can make matters worse but if the source of that fuel cannot be identified steps to call a halt and correct the situation will take precious time. To record and manage potential social media risks the second step is to implement an enterprise control platform that works seamlessly across the entire organisation, from marketing to customer service and operations. A single dashboard, such as that from CrowdControlHQ, provides controlled access to an organisation’s social media profiles monitoring who is authorised to make posts and the content of those posts. Individual logins only known by administrators will maintain security while greater control of abusive comments including keyword alerts (such as swear words) means content can be quickly and automatically removed Including a wiki area in the enterprise control platform means there is an easily accessible store for training materials, policies, guidelines and procedures. These documents can be made available to all users or specific user groups and workspaces in the event of either an internal or external risk being identified to allow a fast response. Mitigation is the third step when it comes to the control of social media risk. Nothing should be done in haste. In the event of the worst happening social media channels should be kept open and readers kept informed as to what is being done to remedy the situation. Openness and clarity are essential. In the event of the crisis having been created internally, audit trails and validation will soon identify the source and allow the necessary actions to be taken. If the crisis was as a result of an external source, the right people required to respond will be alerted and the appropriate reaction documented. So while there is no doubt that social media will continue to move up the risk register, by implementing sound processes and procedures supported by an enterprise control platform risk managers should still be able to sleep soundly at night.