Social media affordances and governance in the workplace: An examination of organizational policies



This paper examines how organizations perceive affordances of social media and how they react to their employees' use of social media through policies, a key means of organizational governance. Existing literature identified 4 affordances - visibility, persistence, editability, and association (between people and between people and information) - as action potentials of social media in organizations. Content analysis of a sample of organizational social media policies reveals that organizations especially reacted to the affordances of visibility and persistence much more than to the affordance of editability. It also discovers a third type of association (between employees and organization). It shows how organizations' reactions to social media evolved from being solely concerned with risk management to also considering its value-generating potential.


Social media, enabled by powerful, easily accessible and user-friendly Information Technology (IT) applications, have spread across organizations in all industries (Bernoff & Schadler, 2010; Curtis et al., 2010; Stolley, 2009). Social media have pervaded many aspects of organizing, and have generated new ways of connecting with customers, collaborating, and innovating (Cisco, 2010; Dunn, 2010; Wilson, Guinan, Parise, & Weinberg, 2011). Social media are “Internet-based applications that build on the ideological and technological foundations of Web 2.0, and that allow the creation and exchange of user-generated content” (Kaplan & Haenlein, 2010). Common social media include blogs, microblogs, social networking sites, wikis, and video- or content-sharing sites (Piskorki & McCall, 2010; Vaast, Davidson, & Mattson, forth coming).

Social media present simultaneously opportunities and challenges for organizations. With social media, employees can mobilize resources, implement, and test out new ideas quickly and in a bottom-up fashion (Vaast, 2010). This offers an opportunity to make organizations more agile and responsive to the demands of customers, who today are also equipped with powerful social media (Gallaugher & Ransbotham, 2010). Management, however, faces a number of challenges as it stands to lose some of its traditional control over what IT initiatives and applications are being implemented and used in the organization (Kane, Fichman, Gallaugher, & Glaser, 2009; Safko & Brake, 2009; Stolley, 2009). Indeed, employees, rather than formal business or IT leadership, frequently spearhead social media initiatives (Treem & Leonardi, 2012; Vaast, 2010).

Employee use of social media may thus have diverse impacts upon organizations, both internally (e.g. related to culture, innovation processes; McAfee, 2006) as well as externally (e.g. what organizational image employees might project on public social networking sites; Kane et al., 2009). Organizations, on their part, might seek to encourage certain uses of social media and limit others, which justifies the need for governance. In this regard, organizational policies constitute one of the main vehicles for social media governance available to organizations.

Organizational policies are documents that present guiding principles on a particular topic (e.g. human resources, IT use) and that are established by senior management to shape employees' actions and perceptions in regard to this topic (Foote, Seipel, Johnson, & Duffy, 2005; Six & Sorge, 2008). Policies have long been one of the key tools of IT governance as they can shape employees' perception of IT and contribute to the emergence of shared understandings of what new IT can and cannot do and what uses are appropriate or not (Huang, Zmud, & Price, 2010). Policies have also turned out to be one of the most prevalent tools of social media governance (Guerin, 2011; Kane et al., 2009). In contrast with traditional IT, social media applications are user-friendly and often are available for free or at low cost. Therefore, employee use of social media does not require an allocated budget, training, or other traditional resources that organizations typically controlled via IT governance mechanisms (Sambamurthy & Zmud, 1999, 2000; Weill, 2004).

In this paper, we investigate how organizations perceive and respond to their employee use of social media by examining social media policies. More specifically, we adopt an affordance approach (Leonardi, 2011; Majchrzak & Markus, 2013; Treem & Leonardi, 2012) that suggests that people assimilate and respond to social media based on perceived affordances rather than on a fixed set of features build into the underlying technologies. We thus examine policies to explore what they reveal about how organizations construct four affordances of social media in organizational contexts (Treem & Leonardi, 2012)—visibility, persistence, editability, and association—and how they attempt to govern social media in the workplace.

In what follows, we first introduce an affordance perspective on social media and present four key affordances of social media in organizations. We explain why examining social media policies from an affordance perspective is especially relevant and what it can reveal of social media in the workplace and its governance. We then detail our data collection and analysis procedures and detail our main findings. Next, we discuss implications of our research for the affordance perspective and for the understanding of social media governance in the workplace. We conclude by acknowledging limitations of this research and suggesting several promising avenues for future studies.

Theoretical Foundations

An affordance approach

The ecological psychologist James Gibson (1977) introduced the concept of affordance to account for how various users may perceive and therefore use the same object, such as a rock or a door handle, in widely different ways (Fayard & Weeks, 2007; Zammuto, Griffith, Majchrzak, Dougherty, & Faraj, 2007). According to Gibson, users perceive affordances of an object rather than the material object itself. These perceived affordances refer to the opportunities for action that the object enables the user to carry out. As such, affordances may vary across users depending on their context, competences, and objectives. The affordance perspective especially helps researchers better understand how new IT, including social media, becomes perceived and used in similar and different ways across various social environments (Fayard & Weeks, 2011; Leonardi, 2011; Leonardi & Barley, 2010; Markus & Silver, 2008).

An affordance perspective highlights that the material features of social media do not vary across social environments. Instead, what varies is the perception of members of these environments concerning what opportunities for action these features afford. In this sense, affordances are not only perceptual but also relational in nature (Treem & Leonardi, 2012). They are “action potentials” (Majchrzak & Markus, 2013) constituted by the relationships between the technical (material) features of social media and the people who perceive and use them. Hence, while the features of social media are fairly stable, the affordances are socially constructed and may vary according to the context (Leonardi & Barley, 2010).

Four affordances of social media

Treem and Leonardi (2012) adopted an affordance perspective in order to review current communications literature on social media use in organizations. They identified four affordances of social media that can help understand how social media affect organizational practices: visibility, persistence, editability, and association. Treem and Leonardi (2012) argued that these four affordances are associated with a wide range of features provided by social media (e.g. status updates, editing and commenting capabilities) and that they contrast with other forms of computer-mediated communication (CMC) technologies (e.g. e-mail, videoconferencing). In particular, these four affordances might be in part present in some other CMC technologies but their prevalence and combination characterizes social media in the current organizational context.

Visibility refers to “the ability [of social media] to make [users'] behaviors, knowledge, preferences, and communication network connections that were once invisible (or very hard to see) visible to others.” (Treem & Leonardi, 2012, p. 150) Other CMC technologies afford some degree of visibility, but not to the extent of social media that allow for activities to be made transparently visible to multiple audiences. For instance, a status update on a social networking website can be made visible to part or the whole of a member's network (DiMicco, Geyer, Millen, Dugan, & Brownholtz, 2009).

With persistence, social media allow for content previously created and published to remain permanently accessible (Wagner & Majchrzak, 2006). Once published on the Internet, content can be stored, circulated and accessed for an indeterminate amount of time.

Editability makes it possible for social media users to amend, add to, revise and change collaboratively content published on the Internet. Wikis are particular types of social media applications that clearly illustrate this affordance (Majchrzak, Wagner, & Yates, 2006). As people use a wiki, they can jointly build new knowledge, consolidate their experiences, and innovate (Mejova, Schepper, Bergman, & Lu, 2011; Ransbotham & Kane, 2011).

Finally, through association, social media can create and sustain relationships between entities. Treem and Leonardi (2012, p. 162) distinguished between two types associations. The first one relates people together (Steinfield, DiMicco, Ellison, & Lampe, 2009). For instance, social networking websites are explicitly built upon the social ties of their members (Boyd & Ellison, 2008). The second one relates people with information (Freyne, Berkovsky, Daly, & Geyer, 2010). As someone adds an entry into a wiki, a link between the author and the content is created and becomes available.

Organizations policies and social media affordances

Treem and Leonardi (2012) identified these four affordances based on an extensive review of the emerging literature. There has been growing research on the use and effects of social media in organizations (Gray, Parise, & Iyer, 2011; Raeth, Smolnik, Urbach, & Zimmer, 2009). Much of this literature so far has examined specific applications of various social media technologies in distinct organizational contexts (Stolley, 2009). How organizations actually perceive and respond to employee use of social media, however, has received scarce attention. In particular, we still know little about the governance mechanisms that organizations deploy to regulate employee use of social media. Considering that much of this use is bottom-up and employee-driven in nature, it is difficult for organizations to rely upon traditional tools of IT governance, such as steering committees, budget reviews, etc. (Sambamurthy & Zmud, 1999, 2000; Weill, 2004). Thus, given the widespread, and growing, prominence social media in the workplace and the governance challenges it brings about, it is theoretically and topically important to develop a better understanding of organizations' attempts at social media governance.

This paper examines organizational governance of social media by focusing on established employee policies. Policies reflect the perceptions of social actors involved in their formulation. Organizational policies reveal the prevalent comprehension held by decision makers (Bassellier, Reich, & Benbazat, 2001; Merand, 2006). Social media policies can thus help uncover aspects of organizations' perceptions of social media affordances. Obviously, policies cannot encapsulate all organization members' full and nuanced understanding of a focal phenomenon such as social media. Policies are therefore not “reality” and may not capture the organization's underlying grasp of the affordances of social media. Nonetheless, they provide an expression of the organization's espoused conception of the phenomenon (Argyris & Schon, 1978; Argyris & Schön, 1974) and contribute to its governance by articulating official norms regulating it.

What is more, social media policies have been one of the only governance vehicles available to organizations as they respond to employee use of social media (Kane et al., 2009). Indeed, organizations do not only have to develop an understanding of the affordances of social media, but they also need to respond to it to shape employees' use of social media in the workplace. Through social media policies, organizations aim at guiding and directing employees' practices. Such guidance concerns what employees can and cannot do with social media in the organizational context as well as whether and how their use of social media should become part of what they do at work. The formulation of policies has long been one of the most prevalent tools employed by managers to communicate the formal position of an organization on a variety of matters, including IT and traditional media (e.g. Badaracco, 1998; Johnson & Gelb, 2002; Sambamurthy & Zmud, 1999; Sonnenfeld, 1994; Sprague, 1995). In this sense, policies communicate organizations' official perception of the affordances of social media. They also aim at conditioning employees' practices (Castro & Batel, 2008) as well as, implicitly, employees' own perception of what affordances of social media are appropriate in the workplace.

We examined empirically a sample of social media policies to deepen our understanding of the affordances of social media in the workplace and of organizational governance associated with these affordances. In particular, we investigated if and how policies reflected and reacted to social media affordances. We also wanted to understand how, over time, policies reflected changes in social media affordances and in organizations' response to them. Before turning to our findings, we present our collected data and adopted methods.


Data collection

We collected 74 corporate policy documents concerning the use of public social media sites by employees (e.g. social networking websites such as Facebook, microblogging platforms such as Twitter). We obtained these documents from an online public database of social media governance documents ( From this database containing more than 200 documents as of March 2013, we selected the aforementioned 74 based on the following criteria. First, we were interested in analyzing comprehensive policy documents that covered a wide range of publicly available social media tools and uses, instead of those focusing on a particular application, such as for example a “blogging policy.” Second, in order to ensure a fairly representative nature of the sample we reviewed the entire database of policies and selected organizations from a variety of industries and sectors. Appendix A lists the organizations included in the sample, along with their industry affiliations and policy enactment date, whenever available.

Data analysis

Our empirical analyses focused on identifying and exploring manifestations of the social media affordances and organizational governance principles present in the policies. To accomplish this goal and consistent with the qualitative character of our research, we developed an iterative coding procedure that combined deductive and inductive moments. We used Atlas.ti software to facilitate the coding process throughout the entire analysis.

As the first step of the analysis, we engaged in inductive open coding of the policy documents. We started by randomly drawing three successive subsamples of documents from the dataset and by coding them individually. We did not rely on an a priori coding scheme and allowed for codes to emerge from the data. A coding unit was defined as a segment of text no smaller than a sentence and no bigger than a paragraph. A single segment of text could include several codes. We coded these documents independently from each other. After each of the coding rounds, we reviewed our respective coding, fully reconciled discrepancies through discussions, and consolidated our findings. We used the coding scheme from preceding rounds to code documents in subsequent rounds, while simultaneously modifying and extending the scheme to capture new emerging themes and concepts, as recommended in (Denzin & Lincoln, 2000), (Miles & Huberman, 1994), and (Strauss & Corbin, 1998). After the third round, no further modifications were deemed necessary. The resulting coding scheme included 17 codes—‘policy elements’—defined and illustrated in Table 1.

Table 1. Codes, definitions, and examples from policies
Codes (Salience Scores)*DefinitionsExamples
Social media description (s=39%)Definition and description of available social media applications covered by the policy.“What Is Social Media? Social media can be roughly defined as the tools and content that enable people to connect online, share their interests and engage in conversations. Examples include blogs, microblogs, wikis, media-sharing sites, social networks, and bookmarking sites.” [eWay direct]
Blurring of personal/ professional boundary (s=91%)Guidelines for employees' to deal with blurred distinction between personal and professional realm in social media“The distinction between the private and the professional has largely broken down online and you should assume that your professional and personal social media activity will be treated as one no matter how hard you try to keep them separate.” [Reuters]
What to post (s=31%)Advice related to content of contributions to social media - What to talk about.“You should have good content. Thought-provoking, entertaining, funny, intense, informational, inspirational, deep… whatever the style or the subject matter, good content is bound to touch and to reach out to the right audience.” [British Telecom]
What not to post (s=69%)Advice related to content of contributions to social media—What not to talk about.“Please no remarks that are off topic or offensive. Always demonstrate respect for others' points of view, even when they're not offering the same in return. Never pick fights and always take the high road.” [AMP3]
Foster community (s=35%)Encouragement to generate and sustain sense of community.“It's always about the conversation. If you use social media as a one-way communication tool, you'll soon find yourself talking to a brick wall. You can only be taken seriously in Web 2.0 if you actively seek dialogue, participate in discussions and respond to questions.” [Daimler AG]
Editorial style recommendations (s=89%)Editorial advice (how to talk about things when using social media).“Good Writing Basics - The value of your great idea suffers to the extent that you allow misspelled words and bad grammar. And, if you cannot be succinct, at least be complete and accurate.” [American Institute of Architects]
Identify yourself (s=62%)Request for personal identification and transparency with regard to organizational affiliation.Be transparent. If you participate in or maintain a social media site on behalf of the university, clearly state your role and goals. [DePaul University]
Employee Responsibility (s=59%)Discussions of individual prerogatives and consequences for employees using social media.“You are responsible for your actions. Anything you post that can potentially tarnish the Company's image will ultimately be your responsibility. We do encourage you to participate in the online social media space, but urge you to do so properly, exercising sound judgment and common sense.” [Coca-Cola]
Persistence (s=61%)Discussions of long-lasting traces provided by social media and of their public nature.“Remember that the Internet is not anonymous, nor does it forget” [Bakers Daniel]
Misrepresentation & disclosure of information (s=84%)Advice regarding what information can / should be made public and how to deal with misleading information.“You must make sure you do not disclose or use Kaiser Permanente confidential or proprietary information or that of any other person or company on any blog.” [Kaiser Permanente]
Organization sees value in social media (s=53%)Expression of organizational interest in social media for value creation.“GSA encourages the use of social media technologies to enhance communication, collaboration, and information exchange in support of GSA's mission. By openly sharing knowledge, best practices, and lessons learned within the agency, with and from other federal, state, and local partners, and with and from the public, we can provide more effective solutions and efficiencies to enhance excellence in the business of government.” [GSA]
Organizational support of social media (s=35%)Description of organizational support (e.g. financial, training) provided for social media purposes.“Mayo Clinic's Social Media Team provides oversight and assistance to guide development of new social media platforms, sharing knowledge and instituting best practices for successful implementation.” [Mayo Clinic]
Enforcement and disciplinary action (s=42%)Discussion of consequences of noncompliance to the policy.“It is extremely important that you follow these requirements. Failure to do so may result in disciplinary action, up to and including termination of your employment with Oracle. “ [Oracle]
Follow established (generic) rules (s=76%)Social media policy refers to pre-established rules and regulations.“The purpose of this policy is to assure communications in online communities made on behalf of Sutter Health or its affiliates are consistent with the organizations' Employee Handbooks and Standards for Business Conduct, policies and applicable laws, including laws concerning privacy, confidentiality, copyright and trademarks.” [Sutter Health]
If uncertain, ask authority (s=57%)Employees to refer to authority of management or dedicated social media entity.“If you have any questions about whether it is appropriate to write about certain kinds of material in your role as a U-M employee, ask your supervisor before you post.” [University of Michigan]
Management approval of social media initiatives (s=45%)Request for management's or designated authority's approval of social media.“All City of Hampton social media sites shall be (1) approved by the Director of Information Technology and the requesting Department Head; (2) published using approved City social networking platform and tools; and (3) administered by the Department of Information Technology Web Team or their designee.” [City of Hampton VA]
Avoid work interference (s=41%)Participation to social media should not interfere with work activities.“Respect Your Time. All time and effort spent on your personal site should be done on your personal time and should not interfere with your job duties or work commitments.” [Fellowship church]

We applied this coding scheme to the entire sample. We also recoded the documents used for the development of the coding protocol to accomplish consistency. To ensure reliability of the coding process, we randomly drew 23 documents—approximately 30% of our sample—double-coded them, and then compared our independent coding. Our agreement rate based on the presence/absence of codes in each document was 81% suggesting an acceptable level of intercoder reliability (Kassarjian, 1977; Kolbe & Burnett, 1991). Appendix B details the agreement rate for each code.

The next step of our analysis involved interpreting policies in relation to social media affordances. We engaged in an iterative interpretive process whereby we carefully reviewed our codes, their empirical manifestations (i.e., quotes) and related them to different facets of the affordances. We also investigated policies to search for possible additional affordances not yet highlighted in the existing literature. In going through this exercise, we realized that some of the policy elements went beyond acknowledging (making sense of) a particular facet or characteristic of social media and were aimed, quite explicitly, at shaping employee behavior in relation to that facet or social media use in general. We felt that these elements represented organizational responses to social media or, in other words, governance mechanisms organizations sought to deploy.

Refining the connections between our inductive coding scheme and concepts associated with affordances and organizational governance helped us better understand the relationships among affordances as well as between affordances and governance principles. We examined which facets of social media affordances were especially prominent, and explored whether policies revealed new affordances or unanticipated facets of social media affordances in the workplace. We also examined which governance principles were offered in response to these affordances as well as identified the general approaches organizations employed with respect to social media governance. Table 2 presents a high-level summary of our findings.

Table 2. Social Media Affordances, Governance Principles and Related Policy Elements (Salience scores in parenthesis),
Social Media AffordancesRelated Policy Elements

Misrepresentation and Disclosure of Information (84%)

What Not To Post (69%)

Persistence (61%)

What To Post (31%)


Misrepresentation and Disclosure of Information (84%)

What Not To Post (69%)

Persistence (61%)


Editorial Style Recommendations (89%)

Misrepresentation and Disclosure of Information (84%)

Persistence (61%)


Blurring of Personal/Professional Boundary (91%)

Foster Community (35%)

Governance PrinciplesRelated Policy Elements
Leverage Established Governance Mechanisms

Editorial Style Recommendations (89%)

Follow Established (Generic) Rules (76%)

Establish New Governance Mechanisms

Identify Yourself (62%)

What Not To Post (69%)

What To Post (31%)

Rely on hierarchy and personal responsibility

Employee Responsibility (59%)

If Uncertain, Ask Authority (57%)

Management Approval of Initiatives (45%)

As a final step of our analysis, we explored temporal patterns in the evolution of various facets of social media affordances and governance principles. To this end, we identified a subset of 45 policies in our sample for which the policy enactment date was known. We then grouped these policies into four time periods and calculated “emphasis scores1” for each code in each time period. Based on these scores, we constructed a graph (see Figure 1) reflecting changes in code emphasis over time. We used the graph to guide our qualitative exploration of whether and how the way organizations in our sample represented social media affordances and responded to them via governance principles shifted over time.

Figure 1.

Evolution of codes emphasis over time

In line with the tenets of interpretive research (Klein & Myers, 1999), we also looked for alternative explanations to our emerging interpretations. In this regard, we checked for meaningful differences in organizational policies according to industry. To do so, we combined policies of organizations that belonged to similar industries (e.g. government, IT, media, retail) and constructed radar charts reflecting policy profiles of each of the industry groupings. This exercise, however, did not reveal any clear-cut cross-industry patterns and, hence, we continued our analysis of the entire sample of policies.


Our analysis revealed that the sampled policy documents contained elements representative of organizations' perceptions of social media affordances as well as of the governance principles put forth by organizations in response to these affordances. Overall, the organizations did indeed acknowledge the four affordances of visibility, persistence, editability, and association in the policies. Yet, they placed uneven emphasis on different affordances as well as highlighted certain unanticipated facets for some of the affordances. Our analyses also unexpectedly found relationships among the four affordances as well as between affordances and governance principles. This section discusses these findings in more detail as well as looks at how affordances and governance principles shifted over time.

Visibility and Persistence

Policies in our sample often contained references to visibility and persistence. Policies also usually considered the two affordances jointly, within a single policy element, and responded to them as one. For instance, statements highlighting the public nature of any contribution an employee might post in social media reflected visibility:

“You will probably be read or heard by people who know you. Post as if everyone you know reads or hears every word.” (Plaxo).

Similarly, the affordance of persistence appeared in policies through statements that directly acknowledged that everything that employees did in social media would remain accessible for an extended period:

“Remember that whatever you post may live for many years in the Web, even after you delete your copy of it.” (Gartner)

The quote above suggests that organizations considered persistence as contributing to a loss of control over the use and dissemination of content published through social media. It also reveals an intricate relationship between the affordances of visibility and persistence. Policies revealed that social media could make potentially damaging information not only visible to everybody (i.e., visibility), but also discoverable and accessible for an unlimited period of time (i.e., persistence). Policies thus emphasized potentially damaging consequences of these two affordances and presented them as jointly making it more difficult for employees and the organization to maintain control over information, image, and reputation:

“Remember that the Internet is not anonymous, nor does it forget” (Baker Daniels)

“Once you publish something through social media, you lose a degree of control of your message. Be certain before you post something that you are prepared to share it with a potential audience of millions” (Tuft University)

Governance principles responded to this portrayal of these two affordances as closely connected and as significant sources of risk. The frequently displayed element of Misrepresentation and Disclosure of Information2 revealed a preoccupation that social media possessed material capabilities to help distribute information widely and durably to external audiences. These statements emphasized the adverse consequences of such capabilities and provided explicit advice on how to avoid them:

“Confidential or proprietary company information or similar information of third parties who have shared such information with ESPN, should not be shared” (ESPN).

Acknowledgement of the affordances of visibility and persistence also led to instructions about What To Post as well as What Not To Post, as illustrated in the quotes below:

“Write about what you know. The best way to be interesting is to write about what you know. If you have a deep understanding of something, talk about the challenges and issues around it.” (Hill & Knowlton)

“Do not post material that is harassing, obscene, defamatory, libelous, threatening, hateful, or embarrassing to any person or entity. Do not post words, jokes, or comments based on an individual's gender, sexual orientation, race, ethnicity, age, or religion.” (Razorfish)

Guidelines related to What Not To Post were more frequent and specific than those concerning What To Post. This observation again highlights that policies were more concerned with mitigating potential risks associated with visibility and persistence rather than with promoting them as a potential source of value for the organization.


Policies recognized but put less emphasis on editability. More precisely, editability seemed to be placed in opposition to persistence and visibility. Further, policies highlighted a particular facet of editability - that related to the ability of “others” (outside the organizations) to amend and manipulate social media content - leading to expressions of risks of losing control over information and risk-management governance principles. What follows details these findings.

First, policies provided limited account of employees' ability to correct and improve their contributions to social media over time, a key aspect of editability. Statements, like the one below, acknowledging that employees could use social media to change what they had already published online, a feature unique to social media, were very rare:

“Be sure to correct any mistake you make immediately and make it clear what you've done to fix it.” (Nordstrom)

Instead, policies provided a range of editorial recommendations aimed at helping employees master the style and tone of their social media contributions. To this end, policies offered relatively standard “good writing” advice, as seen in the following quote:

“Good Writing Basics. The value of your great idea suffers to the extent that you allow misspelled words and bad grammar.” (American Institute of Architects).

Statements like the one above were very common. Their focus was on helping employees craft content to prepare it for publication rather than on recognizing employees' ability to edit/change/improve content after it had been published. Such observation suggests that organizations viewed social media as just another traditional broadcast communication channel—a channel not inherently different from other media.

Consistent with the view of social media as a broadcast channel, policies made frequent references to existing rules (Follow Established (Generic) Rules) and public relations best practices, implying that the availability of social media merely afforded organizations new ways to manage traditional public relations messages. Additionally, policies usually targeted employees as content producers in isolation and did not address the possibility for them to use social media to develop content in conjunction with others.

With respect to interdependencies among affordances, policies displayed an intriguing tension between editability, on the one hand, and persistence and visibility, on the other. Considerations of persistence and visibility eclipsed, to a certain extent, the affordance of editability. Policies were notably more preoccupied with the ability of social media to make content permanently accessible and visible to diverse audiences than with the possibility for employees to amend and improve upon the content over time. As the quotes below illustrate, a number of policies explicitly put editability in opposition to visibility and persistence:

“Know that the Internet is permanent. Once information is published online, it is part of a permanent record, even if you “remove/delete” it later or attempt to make it anonymous.” (Coca cola)

“Once online material is in the public domain, there is little control or influence over how it might be used or modified” (Australian Government)

Policies brought up another implication of editability for organizations: social media made it possible for people who were not a part of the organization to circulate and edit information about the organization after it had been first published by the employees. The policies presented this facet of the affordance of editability as a source of risk of loss of control over information and image. To address this risk, policies referred to the same governance mechanisms deployed to counter potential negative consequences of visibility and persistence—that is, taking great care to minimize the likelihood of inappropriate content being published in the first place (What To Post and What Not To Post guidelines).


Policies contained elements related to the two main types of association discussed by Treem and Leonardi's (2012) - association between people and association between people and information. In addition, we identified a third type of association—that between employees and organization.

Several policies included statements encouraging employees to use social media to Foster Community, that is, to develop connections between themselves and others. This observation relates to the association among individuals:

“Build a Following: Promote yourself by finding and sharing information that will be interesting to your friends and followers and useful for them to share.” (AMP3)

Policies also often encouraged employees to become aware of the association between them and the information they published in social media - the second type of association according to Treem and Leonardi (2012). Moreover, as illustrated in the above quote, policies often jointly tackled both types of association. Fostering community was at times presented as potentially adding value to employees, the organization, and others:

“Social communication from RightNow should help our customers, partners, and co-workers. It should be thought-provoking and build a sense of community. If it helps people improve knowledge or skills, build their businesses, do their jobs, solve problems, or understand RightNow better—then it's adding value.” (Right Now)

In addition to these two types of association, we also discovered that policies hinted at another type of association, between employees and the organization as a whole. This third type of association was particularly visible in a highly prevalent policy element, emphasizing the role of social media in Blurring of the Personal and the Professional:

“Because they blur the lines between personal voice and institutional voice, Ball State University has crafted the following policy to help clarify how best to enhance and protect personal and professional reputations when participating in social media.” (Ball State University)

Establishing the association between employees and their organization usually came with statements asking employees to post disclaimers (Identify Yourself policy element):

“When you discuss Group-related information online, be transparent by giving your name and role and mentioning that you work for the Group. If you have an individual site that refers to or has an impact on the Group, use a disclaimer such as “The views expressed on this site are my own and not those of Cap Gemini.” (Cap Gemini)

References to disclaimers further suggest that organizations focused on risk mitigation. Moreover, in asking for explicit disclaimers, policies related the affordance of association to that of visibility. In this regard, a number of policies displayed a sophisticated perspective on the implications of social media for the public/private, and the individual/organizational boundaries, suggesting interdependencies between association and visibility:

“Perception is reality. In online social networks, the lines between public and private, personal and professional are blurred. Just by identifying yourself as an Intel employee, you are creating perceptions about your expertise and about Intel by our shareholders, customers, and the general public-and perceptions about you by your colleagues and managers.” (Intel)

Governance principles

The previous paragraphs started examining how organizations attempted to respond to the perceived affordances of social media via governance. Here, we broaden this perspective and investigate the general patterns of social media governance. Our analysis uncovered policy elements aimed at shaping employees use of social media. We view these elements as governance mechanisms and argue that organizations in our sample followed three general approaches.

Leverage established governance mechanisms

First, in a context where organizations were still in the process of making sense of the key affordances of social media and their implications, they often opted to rely on the known mechanisms that had proven to work in the past, albeit in a different context. The prominence of such policy elements as Editorial Style Recommendations and Follow Established (Generic) Rules corroborates this point. The former element often directly borrowed from existing communications policies, providing generic advice rather than accounting for specificities of the social media environment, such as for instance editability. The latter element provided long lists of rules and regulations employees needed to comply with. As if organizations were unsure as to which rules would be most pertinent, they included many they had already implemented for other purposes.

Establish new governance mechanisms

Polices also attempted to establish a number of new principles specifically tailored for the social media environment. For example, the Identify Yourself policy element addressed the facet of the affordance of association—association between employee and organization—that had become important with the rise of social media. Similarly, What To Post and What Not To Post elements provided specific guidance to employees to tackle the affordances of visibility and persistence. It is interesting to note, however, that the highly prevalent element What Not To Post often consisted of extensive lists of items borrowed from preexisting communications policies. On the other hand, the What To Post statements were much more specific but fairly infrequent.

Rely on hierarchy and personal responsibility

Finally, the policies invoked a range of governance principles whose main objective seemed to hedge against or reduce unforeseen risks of social media. These principles did not provide specific guidance on what to do or not to do in social media but rather required employees double-check their actions with formal organizational authority. The If Uncertain Ask Authority and Management Approval of Social Media Initiatives policy elements illustrated this reaction. This approach allowed organizations to deal with social media on a “case-by-case basis,” helping them adjust to the changing technological environment. In a similar vein, policies that introduced the Employee Responsibility element emphasized that employees would ultimately be held accountable for their use of social media.

Temporal evolution of social media affordances and governance

The previous paragraphs analyzed manifestations of social media affordances and governance principles in our entire sample of policies, regardless of when the policies were put in place. We now turn our attention to the subset of 45 policies for which the enactment date was known. The main objective is to better understand whether, and how, the way organizations perceived social media affordances and responded to them via governance principles shifted over time. Figure 1 displays changes in emphasis scores for each policy element across four time periods. We used this figure to guide and inform our qualitative exploration of the temporal patterns present in the data. The following paragraphs provide details on the two key trends we identified.

A first notable trend had to do with organizations' growing recognition of social media and professionalization of their response to them. For example, we found that the policies enacted earlier in the observation period often provided statements explicitly defining their scope and detailing the activities and tools the policy covered. In this sense, many of the earlier policies included an opening paragraph defining and Describing Social Media applications.

In addition to delimiting the perimeter of their authority, these definitions and descriptions of social media offered a pedagogical dimension as they informed employees about social media, suggesting an acknowledgement of the new, and still rather unknown, character of social media in the organizational context.

We also noted that even though the element Follow Established (Generic) Rules was prevalent among all sampled policies regardless of their enactment date, there were notable qualitative differences in what these established rules covered over time. Policies enacted early in our observation period (from 2005 to 2009) usually invoked existing rules and regulations that were not specific to social media and came from broad general areas of organizational activity, such as human resources, communication, and public relations:

“The social media policy closely follows the Gibraltar Ethics Policy outlined in the official employee handbook” (Gibraltar).

“Consult Human Resources and the church's confidentiality policies for guidance about what constitutes “confidential” or “proprietary” information.” (Fellowship Church).

Policies enacted later in the observation period still referred to these generic organizational rules but they also brought up instructions and guidelines that addressed the specific affordances of social media in the workplace. This observation, in our view, reveals a professionalization of the organizational governance of social media.

The trend towards professionalization of governance was also evident in policies increasingly referring to resources and positions specifically dedicated to deal with social media. Relatedly, we noted a qualitative shift in the If uncertain, ask authority element. While the element stayed highly salient throughout the observation period, the “authority” in question changed over time. In earlier policies, employees were usually expected to contact their direct supervisor or manager; in later documents, however, the role of social media manager started to emerge as an authority to oversee and advise employees on issues related to social media.

The requirement for employee-driven social media initiatives to be approved by management also gained importance in policies enacted later in the observation period:

“A number of Navitas employees are asked to use social media to meet the requirements of their Roles or to represent Navitas. All staff that use social media professionally on behalf of Navitas must be authorised to do so and must enrol on the Social Media Register via” (Navitas)

This growing demand for Management approval of social media initiatives was consistent with the trend toward professionalization of social media. As social media were becoming more widespread and familiar, organizations started to devote more human, technological, and financial resources to their management in the organizational context. Later policies therefore indicated the launch of additional, dedicated organizational governance mechanisms for social media.

A second temporal trend encompassed a shift in organizations' interpretations of social media affordances and a corresponding change in governance to account not only for risks but also for opportunities associated with social media. In particular, overall, organizations' reaction to social media was predominantly focused on limiting the risks associated with the affordances of visibility and persistence. This was seen in the prevalence of the Misrepresentation and Disclosure of Information as well as What Not To Post policy elements in the overall sample. The former element retained its prevalence throughout the observation period. The emphasis on the latter element—What Not To Post—however, diminished in policies enacted later in the observation period, while recommendations regarding What To Post remained stable.

We interpret these changes as reflecting increasing sophistication and maturity of the way organizations perceived social media affordances and devised governance principles over time. Mitigating risks remained at the forefront of governance, but the emphasis started to switch towards building upon more positive implications of social media as possibly generating value. Policies thus increasingly stated that Organizations [Saw] Value in social media and presented Organizational Support of Social Media:

“Hamilton County Department of Job and Family Services has embraced social media as a means to improve openness, accessibility and transparency. Strategic use of social media helps the agency foster positive relationships with key audiences such as customers, social service partners, taxpayers/voters, overseers, government peers and employees.” (Hamilton County)

“If the hospital professionals want or need to start social networking (blogs, Facebook group, Twitter profile, etc.) about any topic related to the activity of the centre, HSJD encourages them in this initiative, and offers support and recognition through the HSJD social networks.” (Hospital San Jao)

Policies enacted at different dates therefore suggested a transformation in organizations' perception of and reaction to social media affordances over time. While the emphasis on risk management associated with the affordances of visibility and persistence remained dominant, a theme suggesting that organizations could benefit from their employees' use of social media became more perceptible.

This change in organizational understanding of social media was especially visible in changing reactions to the affordance of association. As noted earlier, policies in our sample revealed the affordance of association between employees using social media and their respective organizations. This facet of association was captured in the policy element with the highest prevalence in the sample, Blurring the Personal and the Professional Boundary. The emphasis score of this policy element, while generally remaining high, decreased towards the end of the observation period. At the same time, the emphasis of the policy element related to Foster Community showed a marked increase over time. This trend suggests a growing organizational recognition of the affordance of association not only as that between employees and organization, but also between employees and organization, on the one hand, and other parties, on the other.


This section elaborates on the implications of this research for organizational governance of social media as well as for the affordance perspective on social media.

Organizational governance of social media

Part of our motivation to study social media policies stemmed from the aforementioned observation that social media use in organizational contexts is often end-user driven (Stolley, 2009; Vaast, 2010). Social media have therefore rendered traditional managerial and technical tools of IT governance, such as budgets, technical investments, human resources, and training, etc. (Sambamurthy & Zmud, 1999; Weill, 2000), less effective. Policies, in this sense, have offered organizations one a few levers to govern social media use in the workplace (Guerin, 2011; Kane et al. 2009).

Our analysis of social media policies revealed that organizations tended to perceive and portray affordances of social media primarily as a source of risk rather than value. In particular, policies presented visibility, persistence, and editability, as factors increasing the probability for sensitive organizational information to become accessible to and manipulable by diverse external audiences. Accordingly, governance principles offered in response were aimed at shaping workplace use of social media in ways that would mitigate these risks and reduce their potential damage. With regard to association, while the policies acknowledged association among people and association between people and content, the main emphasis was placed on the connection between employees using social media and the organization they belonged to. Policies again portrayed this unanticipated facet of association as a potential risk and suggested dealing with it through personal disclaimers and other controls over published content.

It was not surprising per se that our analyses showed that policies portrayed the affordances of social media primarily as “constraints” rather than “enablers” (Majchrzak & Markus, 2013). After all, organizational policies by nature are focused more on delimiting what not to do and less on suggesting what to do. Our findings concerning the responses offered by the policies to tackle these new social media risks, however, were more intriguing. Many of the governance mechanisms articulated in the policies stemmed from preexisting governance practices rooted in other organizational domains, including human resources, communications, and public relations. Thus, in order to deal with the new risks generated by employee use of social media, policies tended to rely heavily on generic rules and regulations that organizations already had in place. For risks that fell outside of the scope of the existing guidelines, organizations sought to enlist managers and supervisors to deal with social media on a case-by-case basis. The issue of whether or how these people were qualified for the task was rarely addressed.

Amending this point somewhat, we noted temporal evolution in organizational responses to social media. References to existing governance principles remained dominant in the policies throughout the entire observation period. However, policies enacted later tended not only to articulate constraints that social media brought about for organizations, but also to highlight capabilities that they enabled (Majchrzak & Markus, 2013). Furthermore, these later policies also started to refer to resources specifically dedicated to governing social media in the organization, for instance through mentions of personnel whose primary role was to guide employees in their organizational use of social media.

Taking these findings into consideration, it is important to ponder how policies may shape and be shaped by social media affordances and, ultimately, employee use of social media. Our research design did not allow us to directly examine these aspects empirically, but our findings lead us to make two conjectures in this regard. First, for those employees who had not been exposed to social media before and, therefore, did not yet have established perceptions of social media affordances, the portrayal of social media provided by the policies would likely shape their perceptions of the affordances and, hence, use of social media in a certain restrictive way. For example, exposed to policies suggesting that editability concerned primarily those outside of the organization, employees might not perceive features of social media that made it possible for them to change and improve published content on an ongoing basis.

Second, the impact of policies on social media affordances and use most likely was not unidirectional. As employees gained more exposure and experience with social media, so did the organizations. As a result, the affordances of social media in the organizational context and their reflection in the policies changed over time. The two temporal trends revealed by our analysis—the shift from focusing on risk only to focusing both on risk and value and the professionalization of social media governance—offer signs of this ongoing mutual interrelationship among social media governance, affordances, and use.

Relationships among affordances of social media

Our findings revealed that the affordances of visibility and persistence were tightly connected and, by and large, jointly dominated the policies in our sample. The prevalence of visibility and persistence and the close connection between them also seemed to affect the other affordances. Editability was mostly framed in terms of “editability by others,” while the focus of association was on the connection between employee and organization. Policies, thus, at times both uncovered and fashioned implicit oppositions among the social media affordances. Theoretically, this finding reveals that affordances are not independent and that in order to better understand how affordances are constructed and how they shape use, researchers need to consider not only individual affordances in isolation but also the complex interrelations among the affordances as technically and socially constructed.

Furthermore, our research adds to the affordance perspective by showing that affordances of social media may not only vary across organizations (Leonardi & Barley 2010), but also evolve over time. We noted specific temporal trends in how organizations perceived and responded to the affordances of social media. Early policies associated social media affordances with potential risks for the organization (e.g. legal concerns, issues with image control). Later policies still articulated risks in connection to social media affordances, but also referred to broader, more positive potential for social media to generate value for the organization (e.g. generating value, building a community). This finding is significant from a conceptual standpoint and calls for further investigation of the factors that shape and reshape affordances over time as well as of the nature of the dual relationship between affordances and use of social media.

Concluding Remarks

As we conclude this paper, we acknowledge its limitations that warrant further investigations. Our sample was not random as it included policies available through a public online database. While we made a concerted effort to include a wide range of industries and types of organizations in our sample, we do not make claims of wide generalizability of our findings. We encourage researchers to examine social media policies from other organizations in particular from non-English-speaking countries. Such examination might help bring about cultural and societal distinctions in social media governance in the workplace. Next, our analyses uncovered several trends within the entire sample of organizations we studied. We did not uncover meaningful differences in how particular industries or industry groupings perceived and responded to social media affordances, but it would be fascinating to analyze this at a deeper level to be able to identify and interpret emerging cross-industry patterns. Finally, this paper examined policies that targeted employee use of social media outside the organization. Future studies should compare and contrast these findings to organization's reactions to employee use of social media inside the enterprise.

Overall, this research yielded several theoretical contributions to the affordance perspective on social media and to our understanding of the organizational governance of social media. This research added to the affordance perspective by providing an empirical examination of how organizational policies reflect and contribute to the shaping of social media affordances in the workplace. This research also added to an affordance perspective by showing the importance of considering not only individual affordances but also the complex interrelations among them as technically and socially constructed over time. Finally, this research contributed to the understanding of the implications of social media in the workplace by examining key organizational responses aimed at guiding employee use of social media.


  1. 1

    Emphasis score for code x in time period y was calculated as the average of (1/total number of codes in policy document z) for all policy documents in time period y in which code x was present.

  2. 2

    Italics indicate the policy elements that emerged from our inductive coding.

  3. 3

    The connection between policy elements and social media affordances was established qualitatively via a thorough iterative review of the constitutive quotes for each policy elements. One policy element, thus, could be linked to several affordances.

  4. 4

    Policy elements are shown in the decreasing order of salience.


Appendix A List of sampled policies

OrganizationIndustryEnactment date
American Institute of ArchitectsNon-profitn/a
AMP3Public Relations2010
AppleInformation Technology12 2001
Australian GovernmentGovernment08/2008
Baker & DanielsLegal servicesn/a
BallState UniversityHigher Education11/2009
Banco SadabellBanking01 2011
Basque GovernmentGovernment04 2011
Best BuyRetail01/2010
Bread for the WorldNon-profit10/2009
British TelecomTelecommunicationsn/a
Cap GeminiConsultingn/a
City of Hampton, VAGovernment08/2009
Cleveland ClinicHealthcaren/a
Coca-ColaConsumer goodsn/a
Daimler AGManufacturingn/a
DellInformation Technologyn/a
DePaul UniversityEducationn/a
Eastern UniversityEducation04 2010
eWay DirectOnline marketingn/a
E.W. ScrippsMedia07 2011
Fellowship ChurchChurch04/2005
FordAutomotive08 2010
GibraltarPublic Relations12/2009
Government of CataloniaGovernment06/2010
Greteman GroupConsulting01/2009
Hamilton CollegeHigher Educationn/a
Hamilton CountyGovernment02 2010
Harvard Law SchoolHigher Educationn/a
Headset BrothersE-tailn/a
Hill & KnowltonPublic Relations05/2005
Hospital San JaoHealthcare02/2012
IBMInformation Technologyn/a
IcrossingPublic relations04/2012
IntelInformation Technology03/2010
IOC VancouverGovernment02/2010
Kaiser PermanenteHealth Insurance04/2009
LiveworldPublic Relationsn/a
Mayo ClinicHealthcaren/a
MicrosoftInformation Technologiesn/a
NavitasOrganic foods06/2012
Nova Scotia GovernmentGovernmentn/a
OgilvyAdvertising Public Relations02/2010
Ohio State University Medical CenterHealthcare12/2009
OperaInformation Technologyn/a
OracleInformation Technologyn/a
PlaxoInformation Technology03/2005
Porter NovelliPublic Relations07/2008
Powerhouse museumNon-profit04/007
SAPInformation Technology06/2009
Scouts of LondonNon-profit02/2011
State of DelawareGovernment04/2009
Sutter HealthHealthcare08/2009
Tuft UniversityHigher Educationn/a
UK Civil ServiceGovernment01/2009
UK Department of DefenceGovernment08/2009
UnicInformation Technology10/2009
University of MichiganHigher Education07/2010
ViaRail CanadaPublic transport.06/2011
Washington PostMedia09/2009
WebtrendsInformation Technologyn/a

Appendix B Inter-coder agreement rates by code

CodeAgreement Rate
Social media description78%
Blurring of personal/professional boundary78%
What to post80%
What not to post80%
Foster community74%
Editorial style recommendations87%
Identify yourself87%
Employee responsibility100%
Misrepresentation & disclosure of information87%
Organization sees value in SM74%
Organizational support of SM70%
Enforcement and disciplinary action87%
Follow established (generic) rules96%
If uncertain, ask authority78%
Management approval of SM initiatives66%
Avoid work interference74%
Average for all codes:81%


  • Emmanuelle Vaast (Ph.D., Ecole Polytechnique) is an Associate Professor of Information Systems at the Desautels Faculty of Management of McGill University. She studies the affordances of new technologies, and, in particular, of social media, and their realization in the practices of individuals, communities, and organizations.

    Postal address: 1001 Sherbrooke Street W Montreal QC H3A 1G5 Canada


  • Evgeny Kaganer (Ph.D., Louisiana State University) is an Associate Professor of Information Systems at IESE Business School. His research focuses on social and mobile technologies and their impact on individuals, organizations, and business models. His recent work traces the evolution of crowdsourcing and its growing impact on business.

    Postal address: Avenida Pearson, 21 08034 Barcelona Spain