Request for Example Policy on Employee Blog 1701



  • Does anyone have an example policy on employee blogs? Although SOX does not cover blogs, such a policy if implemented, might lessen the risk of an employee making an inappropriate/unauthorized release of financial or other non-public information about his/her employer.
    If you would like to send it to me directly, kindly see my profile and email info on this site. To my knowledge, I do not believe that this Forum allows posting of an email address.
    Thanks,
    Milan



  • Hi Milan - We don’t have these, although I have professionally blogged on IT security topics for a few years; e.g., you can click on the WWW button in my posts 🙂
    Ideas on creating a policy for Blogs

    1. Avoid any disclosure of sensitive, proprietary, or confidential information
    2. Should be professional and represent interests of company from a content standpoint
    3. In some cases, disclaimers can be placed at the end as Microsoft footnotes their blogs (e.g., Content is ‘as is’ and doesn’t reflect view of company)
    4. Blogs subject to ADMIN review and may be amended if content conflicts occur
    5. Blogging is a privilege rather than right and may be taken away if employees misuse this resource.
    6. Quoting other sources should be considered (giving original source credit and watching out for copyright issues)
    7. SPAMMER controls are definitely needed (I kept my 3 blogs closed to any commentary)
      EXAMPLE on use of disclaimers:
      Microsoft – No WWW needed
      blogs.technet.com/msrc/

Log in to reply