Part II: Fed Guidelines for Social Media Review
I promised in my last post to walk you through the various supporting documents that are tied to the Feds’ Social Media Guidelines. Also, I will act as translator for all the corporate/government speak. This way lies madness, abandon all hope ye who enter, etc.
One of the linchpins of the document is the President’s Memorandum on Transparency and Open Government to the various government agency heads. Basically, it boils down to government needs to be transparent, participatory and collaborative to the public. Now the day this actually happens, I’ll eat my hat. But, this has been the general statement of government leadership since the 90’s, at least in Virginia. Some may claim this goes all the way back to the Enlightenment, which actually makes sense if one is familiar with the speed of government initiatives.
Be that as it may, these types of documents normally light a fire under executive management and much running around in circles begins. So next up we have the Federal CIO Vivek Kundra sending out his own memorandum on the subject. Basically he says the same thing as the president with a nod about security concerns and “Web 2.0” tossed in for flavor. At the NASCIO event for state CIOs, he lays out a very high-level framework for implementing the current administrations aspirations. Here he also gives a nod to security concerns. What is interesting about the write up on the event was an anonymous CIO giving a mild raspberry to Mr. Kundra’s plan; interesting stuff for a puff-piece. A lot can be inferred from that one-liner, but I’m sure those experienced in the ways of government already know what I’d say.
We move from pronouncements made on-high to the bare-knuckle street fighting of agency politics. The document rightly states that engaging in Web 2.0 is a risk-based decision, driven by key stakeholders in the organization. For the Feds that means lawyers, PR flacks, various annoyed IT types, the CIO, CISO, Privacy and the owner of the initiative.
So, I was anticipating some more detail on the actual implementation process within an agency, but it only rates a brief paragraph. We can see that above I suppose, basically, standard PMI methodology for the social media project itself. No case studies of successful implementations are presented or referred. Methodologies or technologies go unmentioned. I get the feeling if you are a CIO at an agency and are considering a social media project, you might be the first one out the chute.
Later in the document it discusses security and risk management controls. These we will discuss at a later date. I’ll be back for Part III where we look at how the Feds define security threats.