Great collaborative communities begin with good governance

Editor's note: In this Q & A, the last in a two-part series, ebizQ's Peter Schooff and Forrester Research analyst Rob Koplowitz continue their conversation about enterprise collaboration. Here, in an excerpt from a longer podcast, the two discuss governance strategies for online business communities. In Part I, Koplowitz, a Forrester vice president and principal analyst, offered advice on creating collaborative communities that work. Koplowitz was among the keynote speakers at Forrester's 2011 Content & Collaboration and Business Process Forums in Boston.

PS: If you've got online communities in your company, how soon should you introduce governance?

RK: I think you need to introduce governance before you even launch the online community.

If human resources has concerns, if legal has concerns, if compliance has concerns, let's put those on the table [before launching], because they're solvable. They're absolutely solvable concerns.

What you really don't want is to launch the community and then find out that HR has privacy concerns, or the compliance folks are concerned about what might be shared in this environment, or the security folks think there's an intellectual-capital issue. You really want to have everybody onboard from the very beginning.

If you get the governance laid out in advance, it's not all that difficult to do. And then you don't have to worry about those roadblocks when you're trying to build your community.

PS: What should people think about in establishing governance?

RK: We have to think about a lot of things. If we're content and collaboration professionals, we think about privacy. We want to maintain our employees' privacy; we want to maintain our customer privacy.

We think about security. We want to make sure that our intellectual capital stays within our company, that it doesn't find its way outside. We want to think about things in terms of compliance.

Some of the folks that are on the leading edge of this are in highly regulated industries [and already have governance policies and models in place]. A lot of it is simply taking that existing governance model and saying, "Okay, now we have a new model for sharing information. How do we apply it here?" We've already thought about it in terms of blogs; we've thought about it in terms of email, we've thought about it in terms of web publishing. How do we apply it in this new medium, and how is this different from the technologies that we used in the past? The answer is that it's more broadly shared, and it's probably shared more quickly, and it's probably shared by many, many, many more people than we're used to. But none of those are dynamics that are that difficult to manage.

PS: Who should run governance for online communities?

RK: Well, that takes a village. I mentioned that HR's involved, I mentioned that legal is involved; I mentioned that compliance is involved. There are a lot of different folks that are going to want to have a say in how this is shaped.

Ultimately, we do find that the one place where this all comes together is [in the role of] the content and collaboration professional. These folks are very well-suited to, and very experienced at, running these types of governance projects and being able to reach out to all of the relevant stakeholders and making sure that they have a common view of how governance should be implemented.

PS: Many companies are obviously very used to governance. How is this different from other types of governance? Is there a primary message?

RK: I often use the example of my teenage children, who are heavily involved in social networks. I tell them: "It's very simple. If you share information in a social network, assume that everyone sees it. If you take it down, assume that, in fact, it's not gone, that somebody has seen it and it's out in the world. It still exists. So you need to be careful about what you share, and you need to be cognizant of the fact that you're sharing it with everyone."

Again, with that [same approach] in mind, existing governance models and existing policy tend to work very well. There already tends to be that basic level of education that's saying: "The minute you put it out there, everyone's going to see it." So [as a user,] do I put something inappropriate into the social network? No, I don't, because in an enterprise, it's associated with my name, it's potentially a fire-able offense; it's embarrassing, at the very least. So I tend to behave better in a social network, assuming that I understand very well from the beginning that everybody is watching, and everybody is seeing these things, and they're happening for the entire company to see immediately, and I can't really take them back very effectively.

[For that reason,] the upside is that folks tend to behave well in social communities. We have very few instances of real problems…And when something inappropriate does go out, it's handled very quickly. Communities are very, very good at self-policing.

PS: What are some mistakes to avoid in community governance initiatives?

RK: Where we have seen issues--and again, I want to emphasize that these issues have been minor and they have been few--it is where folks didn't necessarily understand the nature of the medium. [For instance, say that as a user] I put something out about a coworker that’s actually a privacy violation and it's gotten out very broadly, very quickly. Maybe I didn't understand that the words that I was using actually were a violation of my coworker's privacy…I also remember one organization that [instructed employees], "Share a little bit more about yourself in your profiles. Put up some pictures from your personal life." Then they looked at what people posted and said, "Not that much; you're sharing too much." These types of things do occasionally pop up.

Some of these things require a little bit of education on the front end about: What are the expectations of the community? What are the expectations of the users' behavior when they're in the community? That, I think, is probably the biggest piece. Again, all of these things are easy to handle on the front end.

This Q & A was excerpted from a more in-depth ebizQ podcast on building online business communities. It has been edited for length, clarity and editorial style.

About the Author

Peter Schooff is a former contributing editor for ebizQ, where he also managed the ebizQ Forum for several years. Previously, Peter managed the database operations for a major cigar company, served as writer/editor of an early Internet entertainment site and developed a computer accounting system for several retail stores. Peter can be reached at

More by Peter Schooff

About ebizQ

ebizQ is the insider’s guide to next-generation business process management. We offer a growing collection of independent editorial articles on BPM trends, issues, challenges and solutions, all targeted to business and IT BPM professionals.

We cover BPM standards, governance, technology and continuous process improvement, as well as process discovery, modeling, simulation and optimization, among many other areas. We follow case management, decision management, business rules management, operational intelligence, complex event processing and other related topics. We closely track important trends such as the rise of social BPM, mobile BPM and BPM in the cloud. We also explore BPM’s use in functional areas, such as supply chain and customer management, and in key verticals, such as financial services, health care, insurance and government.

ebizQ's other BPM-oriented content includes podcasts, webcasts, webinars, white papers, a variety of expert blogs, a lively online forum and much more.