Some emails or attachments contain viruses. The damage they can potentially do to your organization is staggering, and therefore we have no reason to debate the need for firewalls and anti-virus protection. The consequences of inaction outweigh the cost of taking action and accepting some restrictions regarding access. Why shouldn’t the same concern exist for other potential costly “viruses” you may allow into your information system, like unverified information? Whether this information is tainted due to negligence or the result of the subversive marketing strategy of a “sinister” competitor, the source and quality of the information you download cannot be accepted at its face value simply because it was out there. If you are going to increase your use of the web (and mostly likely you already have been for several years now) to compensate for the elimination of in-house knowledge or experience, then your ability to establish guidelines, policies, quality control, and verification steps to control the use of data is as important as updating your virus definitions. Step 1: Intellectual Inventory In any project, before you can determine where you need to go, you must first establish exactly where you are. You need to gather your staff and begin the process of a skill inventory ó a “no kidding or beating around the bush” skill inventory. Based on education, previous job responsibilities, certificate training, mentoring, and seminar and research experience, determine who in your organization possesses the greatest knowledge in the following general areas:
- Employment Law (State and Federal)
- Automation (recruiting-related and HRIS, or each as its own sub-group)
- Employee Relations
You may choose to combine or expand the basic categories. For example, if you use a lot of non-citizen employees, then visa processing may be a category unto itself. One of your recruiters may be very weak in general HR law, but well practiced and knowledgeable when it comes to the ins and outs of the INS. You may want to assign multiple tasks based on the personal and professional experiences of your staff. Based on the skill inventory, you may find one or two individuals “burdened” and others with no assignment. At the beginning you must remember you are not “dividing up labor”; you are assigning a critical responsibility to those best prepared to be successful. Part of this program should include assigning a “deputy” who lacks specific critical knowledge to a “primary” to facilitate expanding your team’s knowledge base. An inventory must always be accurate and not based on good intentions or wishful thinking. Just ask any member of the audit department at Enron. You may need to import talent into your HR/staffing organization due to a deficiency within your team. For example, you may require the assistance of corporate counsel for legal issues. It is better to accept your team’s shortcomings and take steps to correct them than it is to ignore them. During this inventory, one major issue to consider is human nature. All of us wish to succeed, but sometimes the desire to be “seen” as successful overrides the understanding of what it means to be truly successful. In an effort to meet your requirements, your staff may overstate their skills or embellish their depth of knowledge. This is human nature and not intentional dishonesty. Do not hesitate to ask for examples or verification when you are in doubt. Some of your team members may well feel qualified in their roles, or desperately wish to be, and therefore may tend to seek more responsibility than is prudent. Take a good inventory. When you are done, you should feel that you have a “subject matter expert” in each critical field. Step 2: Policy and Practices A simple policy needs to be in place that clearly specifies that no website can be used for information that will determine policies or practices in those areas where there exists the likelihood of legal or litigious risk, unless that site is:
- Regulated by a state or federal agency
- Regulated by an industry-recognized expert, or board of industry-recognized experts
- Regulated by a school or university with credentials in that specific area of information
- Currently on the approved site list
- Approved by the subject matter expert, and signed off on and added to the approved site list. There is no need for prior approval for sites to be used as general information resources or self-education resources. But if you are doing research for new policies to reflect changes in the pension regulations for a handout for your employees, you should not be using information gained from the responses from the Q and A section of the Better Homes and Gardens website. The sign off should include the department head or their designated point of contact. It makes sense to have the webmaster supporting HR also involved in this process. Of course, this only makes sense if both the HR/staffing corporate officer and webmaster take their roles seriously and exercise due diligence in reviewing the authorization request seriously and review the supporting data with a critical eye. A person in the HR/Staffing group should maintain the approved list online, and in real-time, to insure accurate data is maintained. In addition, to save time, you should also have started to maintain a “Banned In Boston” list: a collection of websites that ó based on past experience, reliable network information, or industry reputations ó are not allowed to be used for official company business. Sign off should also include the subject matter expert in your organization in that related field. If you are accessing sites for legal information, the corporate counsel should be involved. If you are seeking financial resources, the CFO should be involved, and so forth. Again, they must take this role seriously and investigate the reliability of the site you propose based on their expertise. A site need only be approved once. Step 3: Validation A site should be investigated to determine who is the person responsible for content and content control. This should be possible through the websites’ own list of contributors, their roles, and their bios. In addition, you can use the research and investigative power of your web tools to do further research of the site and its creators. Are they who they say they are? If this site charges a fee and you cannot accomplish the above through resources provided by the site, that would be a first “red light.” An effort should be made to determine if the site is in fact directly or indirectly the property of a product or service provider related to the information they offer as a service. The fact that an ATS newsletter is controlled by an ATS company does not negate the value of the data totally, but it does indicate the need for the use of multiple sources for research to offset any bias, intentional or unintentional, in the information presented. Even honest people are prone to favor that which they are closest to. For example, my niece and nephew are the two smartest teenagers alive in the world today. Period. If you are searching for the two smartest teenagers in the world as a function of your job with a real need to be accurate, you may want to rely on more than just my word on this issue. (Actually, they really are the two smartest teenagers in the world. It’s safe to risk your job on my say-so.) We are judged by the company we keep, and websites should likewise be judged by their sponsors. It also gives you a list of sources to contact to inquire about the prospective site and the reasons why they have chosen to invest their marketing dollars in association with the site in question. Remember, often the reason to invest is more a function of “hits” than quality. But this is also offset by an advertiser’s desires not to be associated with “train wrecks.” The same attitude and efforts towards judging and referencing advertisers should also be used in judging and following up on links offered by this site. If it is associated with reliable and knowledgeable sites through “shared links,” that is a positive reference. It is reasonable to assume that a site with few industry-related or respectable associated links is as good a source as one with a long list of co-operative links. Look for names of industry-acknowledged leaders. Test the site by asking the resource under consideration via the Q and A section or active peer discussion group a series of known quantity questions of pre-determined quality levels (A, B, and C) in several critical areas of HR/staffing practices, resources, and law. Judge the responses by accuracy and grade accordingly. Take several past projects, already researched by means currently available, and repeat your efforts. Again, grade accordingly. Is the new data more or less complete? Is this source offering a value plus, neutral, or negative? Ask the subject matter expert to give you some “higher level” questions and grade the responses gleaned from the site. You now have the ability to give the site a grade on its effectiveness. Look at the profiles of respondents. Is there a rich and diverse membership? How many respondents came back with hyperlinks to sites and issues you were not interested in, leads “a la spam”? Enlightened self-interest is a good thing, but if you do not get your questions answered by those also offering their need as part of the equation, why bother? In addition, judge the site or respondents for their professionalism, timeliness, originality, accuracy, and pedigree. Target knowledge levels of a site with the knowledge level you are seeking. If you are a senior HR/staffing executive working on international HR/staffing issues, a site populated primarily with third-party recruiters in Nebraska with no international business experience is of dubious value. If you are a recruiter with daily interview process issues, then a site full of HR/staffing executives who have not conducted a serious field interview in 12 years is of about the same value, i.e. none. Ask respondents to advise you about their experiences with the site in question and to recommend others that might also be of value. Do not forget to match the respondent’s email address with the site they are praising. If the respondent is email@example.com and they are recommending a site called www.xyz.corp.uk, well, you just have to consider the source. Quality of moderation or regulation is another issue. Too many “professional” sites seem to actually be “venting societies” for people with attitudes or the inability to deal with issues face-to-face, so they use the web to go ballistic. If I want a fight, I will go to a family reunion. I go to websites for informational discussions and intelligent information exchange. Is the site regulated to limit “net rage”? Procedure As with a candidate reference check and credit approval, have an online form with the steps you have determined best protect the integrity of your information gathering. Require that “e-footnotes” be included on the source of any policy developed or researched. It may be necessary to be able to demonstrate your efforts to control information utilized and the source of all external data used in creating policies and procedures. It is possible to “dodge a bullet” in litigious matters when due diligence can be demonstrated. Have a policy in place clearly stipulating the requirement that all resources used for the development of policy or procedure with legal or litigious risk require approved sites only and the use of information from non-approved sites in the development of policy or procedure is terminal offense. This may aid the company in protecting itself from action taken by officers of the company in formulating poor policy based on erroneous information outside guidelines, but only if periodically audited and constantly enforced. Maintain an “approved information resource access” list, much like an approved vendor list, with a clear review and retention policy. It is more likely to work if you assign a member of the HR/staffing organization with the chartered responsibility to maintain the list and enforce the practices. Nothing insures enthusiasm more than personal jeopardy. Conclusion We have accepted the rise of technology and data transfer with “firewalls,” data security procedures, virus protection and password access. But we routinely allow our employees to access and use the information they find online without any of the other guidelines and policies we readily apply in other critical areas. Think of the most recent critical policy you approved or countersigned from a subordinate based on the research they completed and proudly displayed on an Excel spreadsheet as part of their justification.
- That data was verified by whom?
- Using what standards?
- Other than verifying that “they” were satisfied with their resources, what other standardized assurances did you have that they had a right to be “satisfied” with their e-sources?
Once upon a time, companies retained senior and experienced staff to maintain an internal information library of knowledge that could also serve as a double check for the work of others. Many have mistakenly assumed that the existence of the Web and the information gleamed from it has eliminated that need. But that leaves the question open, who verifies? President Reagan, when asked if he really trusted the Russians as pertains to nuclear arms reduction said, “I trust, with verification.” Last week I created two fictional websites in my scenario illustrating these issues. I received several requests to reprint the links, since many readers tried to access the sites and could not locate them. Too many of us blindly try and “click our way” to answers. As a policy I always feel that anytime you rely on strangers who face no consequence for error to provide information critical to the training of your own staff, you have already accepted a degree of risk with great potential negative consequences. So, who is training your staff anyway? Have a great day recruiting!