HRM3703
EXAM PACK
, HRM3703
Assessment 06 Semester 2 2024
Unique Number:
Due Date: 1 November 2024
HR Information Systems and Technology
Question 1
1.1 (a) Three Areas for Improvement in the Employee Social Media Policy for
Company X
1. Privacy and Confidentiality
While the policy mentions avoiding statements that could harm Company X’s
reputation, it doesn’t fully address respecting client and colleague privacy on
social media. Addressing confidentiality is vital because social media can
sometimes result in accidental disclosures (Dreher, 2014). To improve, Company
X should include a section on safeguarding private information, specifying that
employees shouldn’t disclose internal data, project details, or sensitive
information about clients or colleagues. A statement like, “avoid discussing any
internal or client-related information on social media” would strengthen the policy.
2. Clear Consequences for Violations
The policy does not outline consequences, which makes it harder for employees
to understand the seriousness of breaches. According to Morgan (2017), a policy
is more effective when employees know the potential outcomes of non-
compliance. Including a section on consequences, such as warnings, disciplinary
action, or termination for severe violations, could reinforce the policy’s authority.
A phrase like, “Any violation of this policy may result in disciplinary action ranging
from a warning to termination, depending on severity,” would clarify potential
repercussions.
3. Guidelines on Professional Use and Crisis Management
The policy should also cover professional conduct and crisis management,
, guiding employees on how to handle online comments about the company. As
Lipschultz (2021) suggests, crisis management guidelines help ensure
consistency and protect the company’s image. Including a statement like, “In the
event of negative feedback about the company, employees should notify the
communications team rather than responding individually,” would help
employees know how to handle such situations.
1.1 (b) Suggestions for Ensuring Adherence to the Policy
1. Regular Training and Reminders
Company X should conduct regular workshops or annual training sessions to
review and clarify the social media policy with real-life examples, as training
reinforces policy retention (Morgan, 2017). Reminders through emails or visual
materials in common areas can also help keep the policy visible.
2. Making the Policy Easily Accessible
Posting the policy in a shared, accessible digital space, like an intranet or
employee portal, ensures employees can revisit it when needed. Company X
could also incorporate a quiz or acknowledgment feature during onboarding, as
repetition is essential for adherence (Dreher, 2014).
1.2 Sujaniambe Wholesalers Case Study
(a) Responsibility to Safeguard Employee Information
Yes, Sujaniambe Wholesalers has a legal and ethical responsibility to safeguard
employee data. South Africa’s Protection of Personal Information Act (POPIA)
mandates secure handling of personal data, with privacy being a top priority (Le Roux,
2020). POPIA makes it clear that companies must handle personal data responsibly,
making data security a critical function of the HRIS.
(b) (i) Problematic Nature of the Situation
Yes, this situation is problematic. Exposing private employee information in public
, spaces violates POPIA guidelines (Le Roux, 2020) and risks data breaches, identity
theft, and potential workplace conflicts. This situation could lead to mistrust in the
company's data handling, making it essential for Sujaniambe to ensure proper
information security.
(ii) How the HR Officer Could Have Handled the Situation Better
The HR officer should have waited or ensured that the documents were securely stored.
According to Lipschultz (2021), data protection best practices include always securing
personal information, especially when third parties are involved.
(iii) Steps Sujaniambe Wholesalers Could Have Taken to Alleviate Security
Concerns with HRIS
1. Educating Employees: Offering training on data protection would help
employees understand and trust the HRIS system (Morgan, 2017).
2. Role-Based Access Restrictions: Limiting access to sensitive information
based on job roles can prevent unauthorized viewing of private data.
3. Audit Trails: Implementing system audits to track data access ensures
accountability (Dreher, 2014).
4. Clear Data Protection Policies: Specific guidelines on data security can
reinforce trust in the HRIS system.
5. Regular Privacy Audits: Audits ensure compliance with POPIA and assure
employees that their data is secure (Le Roux, 2020).
Question 2
2.1 HR Metrics for Staff Turnover and Training Investment
(a) Metrics Used
1. Turnover Rate: This metric shows the percentage of employees who left over a
specific period, highlighting any retention issues (Phillips & Connell, 2003).
EXAM PACK
, HRM3703
Assessment 06 Semester 2 2024
Unique Number:
Due Date: 1 November 2024
HR Information Systems and Technology
Question 1
1.1 (a) Three Areas for Improvement in the Employee Social Media Policy for
Company X
1. Privacy and Confidentiality
While the policy mentions avoiding statements that could harm Company X’s
reputation, it doesn’t fully address respecting client and colleague privacy on
social media. Addressing confidentiality is vital because social media can
sometimes result in accidental disclosures (Dreher, 2014). To improve, Company
X should include a section on safeguarding private information, specifying that
employees shouldn’t disclose internal data, project details, or sensitive
information about clients or colleagues. A statement like, “avoid discussing any
internal or client-related information on social media” would strengthen the policy.
2. Clear Consequences for Violations
The policy does not outline consequences, which makes it harder for employees
to understand the seriousness of breaches. According to Morgan (2017), a policy
is more effective when employees know the potential outcomes of non-
compliance. Including a section on consequences, such as warnings, disciplinary
action, or termination for severe violations, could reinforce the policy’s authority.
A phrase like, “Any violation of this policy may result in disciplinary action ranging
from a warning to termination, depending on severity,” would clarify potential
repercussions.
3. Guidelines on Professional Use and Crisis Management
The policy should also cover professional conduct and crisis management,
, guiding employees on how to handle online comments about the company. As
Lipschultz (2021) suggests, crisis management guidelines help ensure
consistency and protect the company’s image. Including a statement like, “In the
event of negative feedback about the company, employees should notify the
communications team rather than responding individually,” would help
employees know how to handle such situations.
1.1 (b) Suggestions for Ensuring Adherence to the Policy
1. Regular Training and Reminders
Company X should conduct regular workshops or annual training sessions to
review and clarify the social media policy with real-life examples, as training
reinforces policy retention (Morgan, 2017). Reminders through emails or visual
materials in common areas can also help keep the policy visible.
2. Making the Policy Easily Accessible
Posting the policy in a shared, accessible digital space, like an intranet or
employee portal, ensures employees can revisit it when needed. Company X
could also incorporate a quiz or acknowledgment feature during onboarding, as
repetition is essential for adherence (Dreher, 2014).
1.2 Sujaniambe Wholesalers Case Study
(a) Responsibility to Safeguard Employee Information
Yes, Sujaniambe Wholesalers has a legal and ethical responsibility to safeguard
employee data. South Africa’s Protection of Personal Information Act (POPIA)
mandates secure handling of personal data, with privacy being a top priority (Le Roux,
2020). POPIA makes it clear that companies must handle personal data responsibly,
making data security a critical function of the HRIS.
(b) (i) Problematic Nature of the Situation
Yes, this situation is problematic. Exposing private employee information in public
, spaces violates POPIA guidelines (Le Roux, 2020) and risks data breaches, identity
theft, and potential workplace conflicts. This situation could lead to mistrust in the
company's data handling, making it essential for Sujaniambe to ensure proper
information security.
(ii) How the HR Officer Could Have Handled the Situation Better
The HR officer should have waited or ensured that the documents were securely stored.
According to Lipschultz (2021), data protection best practices include always securing
personal information, especially when third parties are involved.
(iii) Steps Sujaniambe Wholesalers Could Have Taken to Alleviate Security
Concerns with HRIS
1. Educating Employees: Offering training on data protection would help
employees understand and trust the HRIS system (Morgan, 2017).
2. Role-Based Access Restrictions: Limiting access to sensitive information
based on job roles can prevent unauthorized viewing of private data.
3. Audit Trails: Implementing system audits to track data access ensures
accountability (Dreher, 2014).
4. Clear Data Protection Policies: Specific guidelines on data security can
reinforce trust in the HRIS system.
5. Regular Privacy Audits: Audits ensure compliance with POPIA and assure
employees that their data is secure (Le Roux, 2020).
Question 2
2.1 HR Metrics for Staff Turnover and Training Investment
(a) Metrics Used
1. Turnover Rate: This metric shows the percentage of employees who left over a
specific period, highlighting any retention issues (Phillips & Connell, 2003).
