Social Media Risk Management : and the impact on organization IT security

Abstract: The purpose of this study was to investigate and try to describe how social media risk management is performed and what impact social media risk management could have on organizations IT security.  The outcome of this study is possible knowledge for researchers and for practitioners in the field, of how social media risk management was handled in some organizations in Sweden and what impact the chosen social media risk management could have on the IT security. This study looked at social media risk management and what impact it could have on organizations IT security through prior studies done and through data collected from semi structured interviews and surveys.  Social media risk management was according to this study performed mostly reactive and a majority of the organizations did not have risk management specifically for social media. More organizations had a social media policy than performed risk management for social media.  The risk management for social media in the IT organizations in this study was described in the interviews as reactive due to several reasons: old systems that made it hard to be proactive, lack of time for prioritizing social media risks or risk management for social media was currently being worked on.  The proactive IT organizations described themselves to have a general security policy and risk management plans for basically everything. Social media risks can lead to risks that impacts organization IT security.  In the interview notes five quotes was found that could be considered to suit the risks themes found in prior studies.