Once you have identified who in your organizations should be tasked with establishing digital policy, it is time to assign official duties. I have provided a good list to get you started.
In a recent post, I provided some insight into the attributes that make a good digital policy steward. Once you have identified this individual they should be tasked with establishing a program which balances the risks and opportunities of digital operations. But what does this really mean?
The digital policy steward’s job is find the equilibrium between the risks and benefits of using digital to achieve the organization’s business strategy. In my experience working with private and public sector organizations, the following are the common responsibilities of a digital policy steward:
- Develop a digital policy program that aligns with the organization’s business goals and objectives
- Reconcile traditional policy areas (e.g., records management, disaster recovery) with digital policy requirements
- Track legal, regulatory, and industry-related digital trends that may impact the organization’s online activities
- Initiate digital policy creation by identifying areas of digital risks and opportunities
- Incorporate digital policy into the organization’s digital center of excellence, or in large multinational settings, maintain the digital policy center of excellence as a local market resource
- Support the education and mentoring of digital workers on policy topics, including the development of job tools
- Measure compliance to digital policies
- When necessary, create and support programs to remediate situations where compliance isn’t achieved through digital worker’s lack of knowledge, effort, or desire
The digital policy steward’s exact responsibilities will differ based on the size of your organization, its industry, and the business culture that you foster. For example, highly regulated industries such as life sciences or banking may have more extensive accountabilities as the role will span policies into procedures and detailed controls.
In some instances, more than one individual may fill the role of the digital policy steward. This is common in organizations that have a decentralized operating model with multiple layers of unique business requirements. For example, in a large multinational, the corporate headquarters might set policy which is then localized to the regional level. Subsequently, the digital policy could be further localized to the country level, and again customized to a municipality. A policy steward at each level of this multinational would be appropriate, resulting in a total of four country-specific digital policy stewards. In this scenario, the corporate headquarters ought to establish a center of excellence to support all of the other policy stewards.
For more information on how to determine who should have what type of governing authority, I suggest you read Lisa Welchman’s book Managing Chaos: Digital Governance by Design. In the book, Lisa discusses the different types of digital teams and how different governing models determine the parts of your digital team and their authority. She includes how to determine which layer of the organization should make what digital policy decisions.
If you are struggling with extending a job description to include policy steward responsibilities role or just need external perspective on how to position the duties, let me know and we can talk about approaches to get the job done.