Original PDF Flash format implementing-an-effective-corporate-blog----final  


Implementing An Effective Corporate Blog Final



NOWLEDGE RIEFING
Effective Corporate Blogging
April 2009


DISCLAIMER
Copyright © 2009 by The Institute of Internal Auditors’ (IIA’s) and The IIA Research Foundation’s
(IIARF’s) Global Audit Information Network (GAIN) located at 247 Maitland Avenue, Altamonte Springs,
Fla. 32701. All rights reserved. Published in the United States of America.
Except for the purposes intended by this publication, readers of this document may not reproduce,
redistribute, display, rent, lend, resell, commercially exploit, or adapt the statistical and other data
contained herein without the permission of GAIN or The IIARF.
The information included in this document is general in nature and is not intended to address any
particular individual, internal audit activity, or organization. The objective of this document is to share
tools, resources, information, and/or other knowledge that is accurate, unbiased, and timely. However,
based on the date of issuance and changing environments, no individual, internal audit activity, or
organization should act on the information provided in this document without appropriate consultation or
examination.
i


FOREWORD
Short for weblogs, blogs are Web sites journaling a person’s thoughts and ideas about a particular topic.1
Blogs are different from forums or discussion boards, since the owner of the blog controls the content of
the posting. While visitors to blogs can post comments, blogs are not entirely public forums. In addition,
visitors typically go to a blog to read the latest news and opinions of the blogger.2
The blogging phenomenon is not limited to individuals. In fact, many organizations around the world are
starting to create blogs, where company executives, stakeholders, vendors, and employees post their
thoughts and opinions on certain subjects. However, corporate blogs are not a panacea — personal blogs
in which employer-related information is shared might create legal problems for the blogger. For instance,
a Google assistant product manager was terminated in 2005 after 10 days of employment for discussing
corporate secrets on his personal blog. And in India, a blogger resigned from IBM after he posted false
claims about a management school, IIPM, which led the school’s management to threaten the IT giant
with burning the school’s IBM laptops as a sign of protest against the employee.3
To prevent situations that might put the organization in a legal, financial, or otherwise embarrassing
scenario, many companies actively monitor employee online behavior at work and have blogging policies
in place. A March 2008 GAIN Flash Survey of 170 IIA members4 found that one organization blocks
blogging sites within the company; another hosts a corporate blog where only executives are allowed to
communicate issues and solicit input from employees on those topics; and in another organization call
center agents often refer to industry-specific blogs but are not allowed to post on them.
This Knowledge Briefing summarizes some of the key points, recommendations, and leading practices on
corporate blogging from IIA members and professional online resources to help internal auditors provide
recommendations that enhance the use of corporate blogs, as well as ensure employee blogging
activities do not hamper an organization’s reputation.

1 PR Communications, http://pr.typepad.com/pr_communications
2 PR Communications, http://pr.typepad.com/pr_communications
3 Wikipedia’s blog entry, http://en.wikipedia.org/wiki/Blogging
4 “Blogging Within the Organization” (March 2008), www.theiia.org/download.cfm?file=6438 (PDF, 130 KB)
ii

TABLE OF CONTENTS
FOREWORD .................................................................................................................................................. ii
WHAT IS A BLOG? ....................................................................................................................................... 1
RULES FOR CORPORATE BLOGS ................................................................................................................. 3
Recommendations .................................................................................................................. 3
WHAT IIA MEMBERS AND OTHERS ARE DOING........................................................................................ 7
RESOURCES.................................................................................................................................................. 9
Reference Web sites and Online Resources........................................................................... 9
Sample Blogging Policies........................................................................................................ 9
Article, Books, and Reports..................................................................................................... 9
APPENDIX: SAMPLE BLOGGING POLICY .................................................................................................. 10
iii


WHAT IS A BLOG?
As described earlier, many of today’s blogs provide commentary or news on a particular subject, while
others function as more personal online diaries. In addition to text, many bloggers post images, music,
and videos, as well as links to different
blogs, Web pages, and other media related
to the topic. Blog entries are displayed in
Common Cataloguing Terms
reverse-chronological order (i.e., the most
The following is a list of commonly used terms for cataloguing
recent entry appears first), similar to
blogging activity:
comments posted on many Web forums or
discussion boards. (Read “Common
Blogosphere — the collective community of all
Cataloguing Terms” for a list of commonly
online blogs.
used blogging words.)
Bloghood — a collection of local blogs.
Blog search engines — used to search blog content
In the beginning, blogs were manually
such as Bloglines and and Technorati.
updated components of Web sites.
However, their popularity spread rapidly
Blogging communities and directories — online
after 1999 due in part to the arrival of the
communities and directories that connect people to
first hosted blog tools, which facilitated the
blogs and bloggers to other bloggers.
production and maintenance of Web articles
Blogging and advertising — blogs may feature
in reverse-chronological order to a less
advertisements to financially benefit the blogger or
technical and much larger population.5 After
promote the blogger’s favorite causes.
2002, blogs gained increasing notice and
Fake blogs — fictional blogs created by a company to
coverage for their role in breaking and
market a tool or promote a product.
shaping news stories.
Source: Wikipedia’s Blog Web page, http: en.wikipedia.org/wiki/blogging.
There are different types of blogs, differing
only in the type of content and the way the
content is delivered. Two common types of blogs are personal blogs and corporate blogs (see Figure 1
for an image of a corporate blog). While personal blogs are more of an ongoing diary or commentary by
an individual, corporate blogs provide an effective and reliable way for organizations to build trust-based
relationships with customers. In essence, a corporate blog is published by or with the support of an
organization to reach the organization’s goals.6
Regardless of their type, all blogs share the following six characteristics:7
1. Subjective personality. Blogs are not objective mediums. “In a way, they’re much like reading
letters from someone,” explains CorporateBlogging.Info, a Web site that offers information on
business blogging. “After a while, you can sense [the blogger’s] values and interests, and you
can’t remove the person — the personality — from the equation.”
2. A voice. Blogs have a voice of their own. Most have an everyday voice — natural, direct, and
informal, and sometimes funny or irritating.
3. Links. Hyperlinks are a major part of most blogs. Good, popular blogs provide hyperlinks to
interesting information with some degree of context.
4. A conversation. Many bloggers become part of existing conversations by linking to other blogs
in their posts, stating their opinions, and publishing related information or thoughts.
5. An immediate frequency. Blogging is immediate, almost instantaneous. Popular blogs publish
content more than once a month or even more than once a week.
6. A feed. Many blogs are published on a Web site and also as feeds — a data format that provides
subscribers with frequently updated content.

5 Wikipedia’s blog entry, http://en.wikipedia.org/wiki/Blogging
6 “Your Guide to Corporate Blogging,” www.corporateblogging.info/basics/what/
7 “Your Guide to Corporate Blogging,” www.corporateblogging.info/basics/what/
1


Figure 1. Screenshot of a corporate blog
Source: www.internalauditoronline.org
Just as there are different kinds of blogs, Wikipedia differentiates among three kinds of corporate blogs:8
1. Internal blogs. These blogs are generally accessed through the company’s Intranet site and
are accessible to all employees. Many internal blogs are communal — that is, they allow any
employee to post on them. Besides encouraging employee participation and a free
discussion of issues, successful internal blogs provide collective intelligence (i.e., a shared or
group intelligence that emerges from the collaboration and competition of many individuals),
direct communication between various layers of an organization, and a sense of community.
Furthermore, internal blogs may be used in exchange of meetings and e-mail discussions,
and are especially useful when the people involved are in different locations or have
conflicting schedules.
2. External blogs. Corporate blogs that are hosted externally are available to the public. These
blogs are mostly used to announce new products and services, to explain and clarify policies,
or to respond to public criticism on certain issues. Because of their public nature, external
blogs allow those outside the organization to have a glimpse into the organization’s culture,
although they are used mostly as public relations tools. While some external corporate blogs
allow comments to be made on posts, not all do. In addition, all comments are reviewed
before they are posted.
3. Chief executive officer (CEO) blogs. Many corporate blogs feature information posted by
the organization’s CEO. However, some CEOs have their own blogs, whether internal or
external, where they post information. Although there are debates on whether or not CEOs
should blog, blogging among CEOs is becoming popular, as shown in Figure 1. In this blog,
the latest entry is provided by IIA President and CEO Richard Chambers, CIA.
Whether external or internal, blogs are not new to the business world. In fact, according to Wikipedia,
more than 5 percent of the Fortune 500 companies blog externally.9 The next section will describe the key
recommendations internal auditors should keep in mind when reviewing the presence of corporate blogs
and the effectiveness of their organization’s blogging policy.

8 Wikipedia’s corporate blog entry, http://en.wikipedia.org/wiki/Corporate_blog
9 Wikipedia’s corporate blog entry, http://en.wikipedia.org/wiki/Corporate_blog
2


RULES FOR CORPORATE BLOGS
In the business world, the presence and use of a blog can be a powerful tool for communicating
with employees and stakeholders alike. Corporate blogs also can provide additional value by adding a
level of credibility that is often unobtainable from a standard corporate site. Oftentimes, the informality
and timeliness of information posted on blogs can serve to increase an organization’s image of
transparency and accessibility. What’s more, corporate blogs can interact with a given target market on a
more personal level, while building a level of credibility that is ultimately tied back to the corporate site.10
However, corporate blogs are not without their
The Four Do’s of Corporate Blogging
share of problems. According to the article
“The Many Challenges of Corporate
According to IIA Director of Marketing Peter Scott, internal
Blogging,” some of the common problems
auditors working in organizations that have established a
faced by corporate blogs include the
corporate blog need to ensure blogging policies:
following:11
Help manage the organization’s reputation by
Most corporate blogs don’t receive a
actively monitoring blogging activities.
lot of traffic.
Establish a social media content strategy (i.e.,
Blogs require a lot of time, and when it
policies regarding the kinds of comments
comes to CEO blogs, the cost per
employees can post on the organization’s blog and
hour increases as many executives
comments posted on other blogs).
require the help of a support
Promote the use of a conversational and authentic
technician or a line marketing
voice and tone on all blogs.
manager.
Call for the posting of blogs on a consistent basis.
Despite good intentions, “business
speak” dictates the voice of many
In addition, internal auditors need to assess the risks
corporate blogs.
organizations could be exposed to by either creating a
There is often no strategy to
corporate blog or becoming an active participant in another
discontinue an unpopular blog.
blog. For instance, auditors need to determine the kinds of
As employee bloggers become
messages the organization could send that may prove risky
popular, the company’s brand may
and provide recommendations that enable the organization to
suffer as the individual, rather than the
control the different elements of risks.
organization, is now seen as the
source of information.
There might be legal repercussions when negative content is allowed to be published, especially
on an external blog or when employees make promises on behalf of the company.
Some employees may cast the corporate brand in the wrong light.
It is hard to measure a blog’s success, especially when it is measured in terms of the overall
number of visits, blog registrations, and comments.
As these problems indicate, without a clear-cut organizational blogging policy and strategy, corporate
blogs can turn into dead zones. Worse, enabling employees to post information on personal blogs about
corporate information can provide material suitable for a lawsuit. The question then is, what kinds of
recommendations can internal auditors make to enhance the presence of existing or future corporate
blogs?
Recommendations
Nancy Flynn, the founder and executive director of The ePolicy Institute, an organization that provides
policies and advice on information security issues, recommends that organizations keep in mind the
following 12 rules before implementing a corporate blog:

10 Wikipedia’s corporate blog entry, http://en.wikipedia.org/wiki/Corporate_blog
11 “The Many Challenges of Corporate Blogging,” www.web-strategist.com/blog/2008/05/29/the-many-challenges-of-corporate-
blogging/
3


1. The blog is an electronic
communications
List of Common Blogging Policies
“powerhouse.” According to
Flynn, blogs can have a
Below is a list of 14 core, common, and unusual corporate blogging
greater impact on business
practices, as described on CorporateBlogging.Info’s Web site based on a
communication efforts than e-
survey of several business blogging policies.
mail, instant messaging, and
traditional marketing-oriented
Core (i.e., policies found in all companies surveyed)
Web sites combined. In
addition, blogs can have a
Employees are personally responsible for all the content they
greater impact in helping to
provide, not the organization.
promote the organization’s
Employees must abide by existing corporate rules.
image or brand than more
Employees are not allowed to disclose secret, confidential, or
traditional electronic
otherwise company-sensitive information on personal or
communication tools.
corporate blogs.
2. Not all organizations need a
Employees must display common sense when interacting on
corporate blog, nor are they
the blog — be nice, don’t insult anyone, don’t use profanity or
appropriate in all companies.
attack people personally, and avoid inflammatory subjects.
Evaluating the risks and
benefits of a corporate blog
Common (i.e., policies found in approximately half of all companies
can help organizations
surveyed)
determine if one is needed or
if it will add value to corporate
Bloggers are recommended to be relevant and write about what
strategic efforts.
they know, thus adding value to the blog.
3. Similarly, determining why an
Employees must follow internal policies and procedures,
organization wants a blog in
discussing what can or cannot be said about the organization in
the first place can help
a public or quasi-public forum.
establish clear strategic
Employees must respect copyright law.
blogging objectives.
Employees must cite and link to material where appropriate.
4. Business owners and
Employees must talk to their managers whenever they are
executives need to learn how
uncertain about posting information.
to strategically and
successfully manage today’s
Unusual (i.e., policies found in few of the companies surveyed)
blogosphere through
education and training.
Employees can (or can’t) write on company time.
5. A blog’s casual and
Employees need to keep in mind the blog’s goal when posting
conversational nature, while
information.
making it appealing to writers
Employees may disagree with company policies, actions, or
and readers, also can be
management, but must do so in a respectful manner without
dangerous to an
attacking fellow employees, authors, customers, vendors, or
organization, as employees
shareholders.
may be tempted to provide
Employees must stop blogging if instructed to do so.
inappropriate or sensitive
Employees must contact the organization’s public relations,
business content.
media relations, or communications department if a member of
6. Organizations without an
the media contacts them about a corporate-related blog.
external blog program may
risk losing position, market
share, reputation, and sales to technically savvy competitors.
7. Establishing written rules and policies governing blog use and content is necessary for the
strategic management of blogs and other electronic business tools. A good point to keep in
mind when writing the blogging policy is that all information included in a blog can be subject
to a libel lawsuit, much like in a publication. As a result, content should be reviewed and
approved before going live.
4


8. Corporate blogs that are poorly managed can open the door to business risks, including but
not limited to loss of trade secrets, confidential information, and intellectual property; negative
publicity, a damaged reputation, or public embarrassment; copyright infringement,
defamation, and sexual harassment lawsuits; court sanctions, legal settlements, and
regulatory fines; and loss of employee productivity.
9. Business management and technology, and the legal system have not fully caught up with
the potential risks of corporate blogging. However, recent e-discovery laws in the United
States and abroad, such as the U.S. Federal Rules of Civil Procedure, are shedding light into
the potential dangers of electronically stored information. (For more information on e-
discovery compliance, read “On the Road to E-discovery” (June 10, 2008) and “Facing the E-
discovery Challenge: A Proactive Approach” (Nov. 10, 2007), published on ITAudit,
www.theiia.org/itaudit).
10. Don’t allow any single department to dictate the organization’s blogging program or policy.
Different business units, functions, or departments need to work together in implementing
corporate blogging rules, policies, and procedures.
11. Require all employees to sign a confidentiality agreement to protect trade secrets and
confidential data belonging to the organization, employees, customers, business partners,
stakeholders, and other third parties. The confidentiality agreement should cover comments
posted on corporate, personal, and other external blogs during or after work hours.
12. Use discipline to ensure employee compliance with blog rules, policies, and procedures. In
addition, blog content and use rules should be put in writing and inform employees that any
violation will result in disciplinary action leading to and including termination.
In addition to these recommendations, it is
important for organizations to listen to what
Blogging Tools
the community is saying about them in other
Organizations should not be afraid to use more than one
blogs as part of its overall blogging strategy.
blogging tool. In addition to blogging publisher WordPress,
“Organizations need to identify what others
http://wordpress.org/, organizations should incorporate
are saying about them and participate in other
images, presentations, and even videos as part of their
blogs,” says Peter Scott, IIA Director of
blogging posts. Free services such as SlideShare,
Marketing. “This will enable organizations
www.slideshare.net/, and YouTube , www.youtube.com/,
looking to implement a blog to become part of
can help organizations download PowerPoint presentations
the blogging community by participating in
as well as videos that can enhance a blog’s message.
already existing conversations.” An important
aspect to keep in mind, Scott continues, is to
determine how the organization will respond to
negative comments. “As a rule, the organization should provide feedback in a positive tone that adds
value and substance to the comment and the blogging community as a whole. Otherwise, the comment
can be viewed as self-serving, redundant, or unnecessary, which could hinder the organization’s
reputation and business efforts.”
This aspect of blogging, reputation management, is one of four areas — content control, voice and tone,
and consistency — that internal auditors need to keep in mind when reviewing an organization’s blogging
or social media policy. “Every organization should have a social media policy, even if the organization
decides not to create an external blog or simply uses an internal one,” Scott emphasizes. Because
everything posted on the Internet can be disseminated publicly in an instant, internal blogs should be
treated the same way as external blogs. “It is just as easy for an employee to copy information from an
internal corporate blog and paste it on their personal Web site as it is for them to copy information from an
external blog,” says Scott.
To this end, organizations need to keep a watchful eye once a corporate blog is in place and actively
monitor all blogging activity from employees. Thus, in addition to reputation management, organizations
should have a social media content strategy. “A key aspect of having a blog is to promote an
atmosphere of corporate transparency and openness,” explains Scott. “However, just because you can
do something it doesn’t mean you should.” Therefore, the social media content strategy should stipulate
5


what employees are allowed to say about the organization during all corporate and personal social media
activities. For example, many policies prevent current and former employees from making any comments
— good or bad — about the organization and from disclosing sensitive or confidential information.
Effective blogs also have the right tone and voice. “When it comes to a blog, marketing and public
relations staff need to put the pen down,” says Scott. “Blogs need to have a conversational, authentic
tone, and the best way to accomplish this is by appointing an author or group of authors.” Many large-size
organizations, Scott points out, have a chief blogger or corporate blogger who gathers information that is
then reviewed and posted on the corporate blog.
Many organizations also have staff members actively monitoring and participating in external blogs where
information is shared about the company. A problem with having a designated author is that blog
participants may visit the blog, not to read the latest news about the organization, but to read the latest
entry by the author. However, as long as the organization remains the main focus of most blog entries,
the company can avoid situations in which the blogger becomes his or her own brand.
When appointing internal staff as designated bloggers, Scott recommends for organizations to look at
those performing nontraditional business roles. “People would much rather talk to the person who
designed the Xbox 360, rather than Microsoft’s public relations manager,” he says. Therefore,
organizations should appoint staff who have something to contribute to the blogging community or who
can address customer responses or complaints more effectively. This may not necessarily be the
customer relations staff or even the CEO. In fact, “not all executives should be allowed to blog,” says
Scott. “It all depends on the executive and whether he or she can keep the blog on a conversational tone
without sounding promotional.”
Finally, blogs have to be consistent. “Blogs that die are the one that provide stale, boring, and old
content,” explains Scott. “They also don’t provide fresh, new content on a consistent basis.” Although the
old adage of quality over quantity holds true in the blogosphere, the organization should make it a point to
be consistent regarding the number of comments it posts per week. This encourages others to continue
visiting the blog. “A good policy is to provide three posts per week, roughly 400 words each,” Scott
mentions. General Motors’ blogs, http://www.gmblogs.com, and Dell’s Direct2Dell,
http://direct2dell.com/one2one/default.aspx, are examples of blogs that provide fresh content on a
consistent basis. (For additional recommendations for internal auditors, read “The Four Do’s of Corporate
Blogging.”)
6


WHAT IIA MEMBERS AND OTHERS ARE DOING
As explained in the last section, it is important to see what others are saying and doing as part of the
blogging community. This extends to the use of blogging and social media policies and procedures.
Consequently, before organizations establish a blogging policy, they should see what other organizations
in their industry have implemented as well as what works. A good source of information for internal
auditors is CorporateBlogging.Info, www.corporateblogging.info, which provides a comparison of
business blogging practices.
The Web site offers a description of nine blogging policies commonly found in organizations including
IBM, Yahoo!, and Plaxo and breaks down the nine policies in two sets: core policies (i.e., those existing in
all companies surveyed) and common policies (i.e., those implemented in approximately half of all
companies). (For a complete list of all 14 policies, read “List of Common Blogging Policies.”) Internal
auditors also can read a March 2008 article published on the Social Media Marketing Blog that
summarizes the key activities of two successful external corporate blogs — Dell’s Direct2Dell blog and
LinkedIn’s blog — and what the organizations have done to keep them relevant among customers. As the
article explains, successful blogs:12
Are created in response to a particular problem that needs to be solved and are part of an overall
communications strategy.
Have clear measures of success. Metrics cited to measure success include benchmarking
yourself against the competition (e.g., tracking the number of posts on a weekly basis), as well as
tracking the blog’s tone (e.g., ratio of positive to negative comments over time) and engagement
(e.g., the number of blog subscriptions, comments posted, etc.).
Are relevant to the target audience by taking action on information posted, thus showing
participants information is read and analyzed.
Establish conversations that make it easy for the customer to interact with the organization.
Have the support of the entire organization. Oftentimes, this means the organization may need to
experience change for the social media strategy to take root.
Employ whatever tools their customers use to answer problems or questions in the shortest
amount of time, such as live stream videos.
Unfortunately, not many organizations have a corporate blogging policy. According to a March 2008 Flash
Survey of 170 IIA members on blogging within the organization, nearly 90 percent of the organizations
represented in the survey do not have a blogging policy (refer to Figure 2). While this finding could be the
result of organizations not having a corporate blog, thus having a blogging policy may seem unnecessary,
employees may still visit personal or other external blogging sites at work. Consequently, a formal
blogging policy can serve as a good preventive measure that lets employees know the kinds of corporate
information they can write about in an external or personal blog site during and after work hours to avoid
lawsuits.
Figure 2. Percent of IIA Flash Survey respondents with corporate blogging policy
Source: IIA Flash Survey, “Blogging Within Your Organization” (March 2008)

12 The Social Media Marketing Blog, “Corporate Blogging — How the Pros Do It,” www.scottmonty.com/2008/03/corporate-
blogging-how-pros-do-it.html
7


Of the 10.1 percent of auditors who indicated their organizations do have a blogging policy, the use of
blogs varied from marketing purposes to product blogs (refer to Figures 3 and 4).
Figure 3. Corporate blog use among Flash Survey respondents
Source: IIA Flash Survey, “Blogging Within Your Organization” (March 2008)
Figure 4. Control of blog use among Flash Survey respondents
Source: IIA Flash Survey, “Blogging Within Your Organization” (March 2008)
When it comes to using their employee e-mail account for blogging purposes, 25.3 percent of
respondents said this is not allowed, 20.2 percent said this is discouraged, and 15.2 percent said it is
controlled or monitored. In terms of handling employee blogs through a method that would identify the
organization, 13.6 percent of survey participants said this not allowed, 10.4 percent said this is
discouraged, and 8.4 percent said this is controlled or monitored. Finally, when asked what area of the
organization auditors would report unpermitted use or misuse of blogging to, the number one response
was IT (refer to Figures 5 for a breakdown of all responses).
Figure 5. Party responsible for receiving reports of blog misuse or unpermitted use
Source: IIA Flash Survey, “Blogging Within Your Organization” (March 2008)
8


RESOURCES
As more employees join blogs where they can express their opinions or create their personal blogs,
implementing a blogging policy or incorporating blogging procedures as part of the organization’s
information security stance is more than good business practice — it is a necessary preventive tool that
can keep the organization out of trouble if a corporate secret where to be divulged in a public forum. In
addition, as more organizations take advantage of today’s Web 2.0 technologies, a blogging policy should
be an integral part of any blog implementation effort.
Unfortunately, many organizations are still playing catch up when it comes to implementing corporate
blogging policies. As part of their work, internal auditors can help organizations enhance their current
blogging efforts by providing recommendations that maximize the use of this powerful communication
medium, as well as ensure a blogging policy is in place that clearly states what can kinds of corporate
information can or cannot be shared through a blog.
For additional information on blogging, internal auditors and CAEs can visit the following Web sites:
Reference Web sites and Online Resources
CorporateBlogging.Info’s Web site, “Policies Compared: Today’s Corporate Blogging Rules,”
www.corporateblogging.info/2005/06/policies-compared-todays-corporate.asp.
International Association of Online Communications’ Web site, “12 Best Practices for Business
Blogging,” www.iaocblog.com/blog/_archives/2006/12/13/2571935.html.
Marketing and Innovation Web site, “Golden Rules for Corporate Blogging,”
http://visionarymarketing.wordpress.com/2008/05/29/blogging/.
The Social Media Marketing Blog, “Corporate Blogging — How the Pros Do It,”
www.scottmonty.com/2008/03/corporate-blogging-how-pros-do-it.html.
Web Strategy by Jeremiah’s Web site, “The Many Challenges of Corporate Blogging,” www.web-
strategist.com/blog/2008/05/29/the-many-challenges-of-corporate-blogging/.
Web Strategy by Jeremiah’s Web site, “Web Strategy: The Many Challenges of Writing a CEO
Blog,” www.web-strategist.com/blog/2007/10/12/challenges-of-writing-a-ceo-blog-checklist/.
Sample Blogging Policies
CorporateBloggingInfo’s Corporate Policies Web page:
www.corporateblogging.info/2004/06/corporate-blogging-policies.asp.
Feedster: http://feedster.blogs.com/corporate/2005/03/corporate_blogg.html.
Hill & Knowlton: http://weblogs.netcoms.com/blogs/niallcook/archive/2005/05/19/279.aspx.
Plaxo: http://blog.plaxoed.com/2005/03/29/plaxos-communication-policy/.
Sun Microsystems: http://www.tbray.org/ongoing/When/200x/2004/05/02/Policy.
Yahoo!: http://jeremy.zawodny.com/yahoo/yahoo-blog-guidelines.pdf (PDF, 23.7 KB).
Article, Books, and Reports
CNET.com, “Corporate Employee Blogs: Lawsuits Waiting to Happen?”,
http://news.cnet.com/8301-10784_3-9903070-7.html.
The IIA’s Flash Survey archive, “Blogging Within Your Organization” (March 2008),
www.theiia.org/download.cfm?file=6438 (PDF, 130 KB).
TopRank Online Marketing’s Web site, “5 Reasons Why Business Blogs Fail,”
www.toprankblog.com/2008/05/5-reasons-why-business-blogs-fail/.
9


APPENDIX: SAMPLE BLOGGING POLICY
_____________________________
Blog Code of Conduct
To benefit from [Insert Name of Blog Here] we ask for all of our readers, including XYZ Corp.
employees, to abide by our code on conduct.
The purpose of this blog is to encourage participation. Your feedback will be vital to the success of
ongoing and future marketing initiatives.
Lastly, when you post a comment, it will be reviewed and monitored by the BlogMaster first prior to
posting. We do so because:
(1) This blog is public. Given this, it will then be accessible to the spamming community and those
comments are obviously irrelevant.
(2) Should we receive any comments that do not abide by the Code of Conduct below, we will not post
it. Management will contact the user directly to address any and all issues raised in the post.
Note: We do not wish to censor any posted comments. However, to prevent abuses by a few people and
to keep this blog comfortable and appropriate for the general audience, which includes people of all ages,
races, religions, and nationalities, we reserve the right to remove any notices in violation of our Code of
Conduct that are brought to our attention. Therefore, all comments in violation of our guidelines are
subject to being removed immediately and without prior notice.
By posting here, you agree to the following statement:
I agree that I will be solely responsible for the use and content of all blog comments that I post under this
program and that I will indemnify XYZ Corp. and hold it harmless for any losses or damages to myself or
to others that may result directly or indirectly from any notices that I post here.”
Because of the size of our community, we cannot monitor all posts or comments on the site. If you see a
message you believe violates our guidelines, please contact us at [Insert contact e-mail address here].
We hope that these guidelines will make the [Insert Name of Blog Here] successful and enjoyable for
everyone.
To participate in posting comments, you agree NOT to:
Post anything obscene, vulgar, sexually explicit, illegal, harmful, insulting, threatening, abusive,
harassing, humiliating, embarrassing, defamatory, libelous, untrue, invasive of someone else's privacy, or
objectionable (in our sole discretion).
Post anything hateful — including targeting race, class, gender, age, sexual orientation, religion, national
origin, weight, or disability.
Post with the intent to disrupt or disturb the community or to interfere with another user's use and
enjoyment of our community.
Attack the character or damage the reputation of other users, including but not limited to the use of name-
calling, insults, ridicule, harassment, and mockery, or otherwise assaulting other community members.
10


Insult, attack, belittle, or ridicule the beliefs and life choices of other users, or tell others what they should
believe or how they should live.
Create a screen name to hide your identity and violate our guidelines.
Post or link to inappropriate content. Inappropriate content is anything XYZ Corp. deems obscene or
vulgar, including graphic images or stories.
Post anything you don't have the right to publish or violate any copyright or other proprietary rights in your
posts. That includes excerpting published articles without the author or owner's permission.
Transfer issues or posts from this blog to another with the intention of drawing negative attention to the
post. In addition, don't quote someone else's comment from another blog without that person's permission
and refrain from directing people to controversial or problematic comments on other blogs.
"Hit and run." Please don't comment to a posting where you wouldn't ordinarily, simply to point out the
wrongness of another poster or group's actions, beliefs, or comments.
Use all capital letters in your comments.
Flood. This includes repeatedly "bumping" a comment, disrupting a discussion via comments by entering
the same phrase over and over again, or otherwise using up bandwidth.
Post on behalf of a banned user. This is grounds for immediate banning of the blog without notice or
warning.
Violations of These Guidelines
If you violate the Code of Conduct, you will be contacted individually by XYZ Corp. Your actions may
result in a warning, suspension, or permanent banning from participation in any XYZ Corp. online
community. We do not publicly discuss or announce warnings, suspensions, or bannings.
Banning is done at the XYZ Corp.’s discretion and is the result of our sole judgment of a user's
demonstrated inability or disinclination to follow our guidelines. We reserve the right to ban any user at
any time for any reason with or without warning.
If a comment is posted that violates any these guidelines, but contains information that is useful to the
original poster or other members of the site, it may be edited or locked. However, if in our sole judgment,
a comment was deemed to be created for the purpose of violating the guidelines, violates enough
guidelines to be irredeemable, or contains no otherwise useful information, it may be removed.
_____________________________
Please note this sample blogging policy was printed and modified with permission from the author. Also, the sample
blogging policy is meant to provide a good starting point for organizations in need of establishing a similar process.
However, each individual blogging or social media policy should ultimately fit the particular needs of the organization.
11


12