Skip to Content
TS-RDC-08 Trust & Stewardship Risk, Data & Compliance CORE Compliance v2.9.7

Digital-safety & online-reputation mgmt.

Assesses the management of the organization's digital presence for safety and reputation. Scope includes all official channels (website, email newsletters, social media, messaging apps like WhatsApp/Telegram, and fundraising platforms). It covers digital safety (account security, impersonation, safeguarding disclosures, data protection) and reputation management (content verification, sentiment monitoring, complaints handling), ensuring ethical online conduct and timely response to issues.

KPI / Measure
MetricOnline complaint response time & MFA adoption
Target≤48h / 100% MFA
FrequencyMonthly
MethodTime from receipt to acknowledgement; % of accounts with MFA enabled.
UnitHours / Percentage
Maturity Levels
Level 1: Initial/Ad-hoc

Digital presence is ad-hoc. No policy exists. No account security controls (e.g., shared passwords, no MFA). Responses are reactive or non-existent.

Level 2: Developing

Basic guidelines exist but are not consistently enforced. Designated individuals manage accounts, but without formal training or MFA. The organization is reactive to online issues.

Level 3: Established

Compliant: Formal policy approved and trained. Account register exists with named owners and MFA enabled. Queries are acknowledged within 48h. Safeguarding escalation route is defined.

Level 4: Advanced

Advanced: Proactive monitoring with sentiment analysis. Crisis communication plan is tested annually via drills. Serious incident decision logging is active. >90% SLA adherence.

Level 5: Optimizing

Excellence: Digital safety is strategically integrated with culture of Iḥsān. Independent reviews of digital risk are conducted. Organization leads in ethical online conduct (Adab) and community trust (Amānah).

Applicability

Organisation Types

mosque-prayer-space islamic-center community-center charity-relief humanitarian-aid zakat-sadaqah-body islamic-school-madrasa educational-institution supplementary-school islamic-university-college youth-organization womens-organization student-islamic-society advocacy-campaign-group umbrella-organization representative-body media-publication islamic-broadcasting professional-association trade-body sports-recreation arts-culture healthcare-service counselling-mental-health elderly-care funeral-service bereavement-support certification-body standards-organization restaurant butcher-meat-supplier food-manufacturer catering-service bank finance-provider investment-fund insurance-provider accountancy-firm advisory-consultancy legal-practice bookstore-retail fashion-retail ecommerce-platform private-school training-provider private-healthcare-clinic counselling-practice general-enterprise social-enterprise community-interest-company

By Organisation Size

SizeApplicabilityNotes
Micro exempt Formal RACI matrices, strict 48-hour SLAs, and version-controlled policies are disproportionate for volunteer-run groups.
Small partial Scaled down to basic MFA, simple social media guidelines, and safeguarding escalation; strict SLAs and complex RACI are not expected.
Medium full
Large full
Major full

Applicable When

  • The organization has an online presence (website, social media, etc.)
  • The organization interacts with the public or stakeholders online
  • The organization uses digital communication channels

Not Applicable When

  • The organization has absolutely NO online presence or engagement whatsoever.
  • The organization is entirely internally focused and has no external stakeholders or beneficiaries.

Related Criteria

TS-RDC-01 Multi‑scenario financial stress‑testing documented TS-RDC-02 Complaints & whistle-blowing mechanism TS-RDC-03 Due-diligence on delivery partners TS-RDC-04 Serious-incident reporting & escalation TS-RDC-05 Cyber-security baseline (NCSC Cyber Essentials – UK)
Version
2.9.7 2025-11-05

Discussion (1)

Administrator 2026-03-07 12:01:03.763917

📋 **Version updated: 1.0.0 → 2.9.7** **Changes:** Full import from mizan-297.json

Sign in to post a comment.

Back to Criteria