Next Generation Community Management: A Proactive Risk-based Approach

Bassem Nasser, Vegard Engen and Paul Walland
IT Innovation Centre
University of Southampton
Gamma House, Enterprise Road
Southampton, SO16 7NS, UK

Effective management of online communities is a significant challenge as they can exceed millions of users producing hundreds of millions of discussion threads that link together billions of posts. Current management solutions are based on basic statistical tools that aggregate data for the community owner/moderator to interpret themselves and take appropriate actions. This paper presents a proactive and extensible risk-based management framework supporting advanced analytical services for managing online communities. This allows community owners to focus on their community objectives and proactively manage favourable/unfavourable events at the user and community level.


Online communities generate major economic value and form pivotal parts of corporate expertise management, facilitating knowledge dissemination and communication as well as boosting performance and innovation
[1][2]. Research in [3][4] shows that companies see a number of benefits in using collaborative technologies not only within their organisational boundaries but also for the purpose of reaching out to their customers, partners and suppliers. These advantages include faster access to knowledge and experts; increased customer and employee satisfaction; and a reduction in communication time and travel costs.

Whilst there is a clear gain provided by such communities, the management and preservation of their efficient operation is not trivial [3]. Communities can exceed millions of users and infrastructures must support hundreds of millions of discussion threads that link together billions of posts. Current management solutions fail to meet current challenges of scale and growth, let alone the support for understanding and managing the business, social and economic objectives of the users and the community owner [1][2][4].

Current solutions usually consist of a dashboard for monitoring a set of Key Performance Indicators (KPIs, e.g., page views, number of posts, average time for responding/closing users' queries) judged relevant for the users' and the community's quality of service and experience [6][7][8]. These KPIs present the state of the community at a certain point in time, current or past, but offer little to support what managers really need to effectively manage risks in the community; an insight onto the future state of the community. Online communities have varied and sometimes fragile or unexpected life-cycles. A healthy community can see periods of intense and explosive growth, which can in itself be a challenge to manage, but equally things may go wrong in an online community. Drop of activity and users churn to competitors are examples of these risks [9]. Considering the scale of existing social networks, the management process is getting more and more complex to be simply addressed by introducing more moderators. Managing large scale communities requires that the manager is empowered with new tools to break out of the current reactive framework by predicting the community’s future trends and the impact of any intervention to steer the community in line with its objectives.

In ROBUST, an EC FP7-ICT project, we are addressing the next generation of community management solutions where the focus is not limited to managing failures but to manage risks and opportunities [3][11][12]. We are targeting an integrated, consistent, proactive approach to steer the community towards its objectives. This paper presents the risk management work done in the ROBUST project, focusing on the risk management process applied to online communities and the implementation of a tool referred to as the Community Analysis Tool (CAT).

In section 2, we review the existing approaches for community management and their limitations. Section 3 presents the risk management principles from risk management standards perspective. Section 4 discusses the features of the implemented community analysis tool. The conclusions and future work are addressed in section 5.


In order to understand the current practices of online community management, we produced a questionnaire as part of the ROBUST project, which was distributed to 48 community hosts and owners (and moderators) within different communities of SAP and IBM
[10]. The questions covered community objectives, costs, benefits, size of the respective communities, technologies used to manage their communities, health metrics as well as risks and opportunities they considered for their communities. One of the main observations from the questionnaire is that the communities are led by objectives; usually set by the owners in this case of business communities. The objectives can be generic (e.g., customer support, opinion research, market research, advertising and marketing). These objectives are usually associated with indicators that allow their quantification and the return on investment (e.g., community size, customer support load, sales figures and productivity). The questionnaire showed that, although some communities may seem to have similar objectives, the ranking of these objectives in terms of importance and priority may vary as well. These objectives are not only the raison d’etre of these communities, but also shape the underlying technological choices to be used (e.g., forums for customer support, wikis for knowledge sharing) as well as the community policies (e.g., limit on the number of characters per post or the number of posts). The survey showed that the tools used to monitor and manage the online community provides basic statistical information like the number of community ‎members, number of visits ‎per day, time users spent online, number of new threads and sometimes advanced information such as the topics discussed, network graph metrics like members centrality, and users’ sentiment. The community management approach is centred on monitoring the current state of the community based on the reported measurements. Whilst such information is valuable, it offers little help to the community manager in predicting the future state of the community and whether it is in line with the objectives. To address these limitations, a risk-based approach for online community management is discussed below.


The risk management framework developed in ROBUST is compliant with ISO 31000
[13], which is an international standard based on AS/NZS 4360 entitled 'Risk Management Principles and Guidelines'. ISO 31000 defines risk as the 'effect of uncertainty on objectives'. An effect is a deviation from the expected - positive and/or negative. ISO 31000 indicates that 'Risk is often characterized by reference to potential events and consequences, or a combination of these'.

Based on ISO 31000, in ROBUST a risk corresponds to an event that has a negative impact on community objectives, whilst an opportunity corresponds to an event with positive impact. We classify risk/opportunity events based on their source being either internal or external. The external events are those that originate from external actors whom are not part of the community. Examples of external events include the introduction of new legislation affecting the online community or the launch of a competitor’s community leading to the churn of users.

The internal event category comprises those events that originate from within the community, such as a modification of its structure or a change of an individual user’s attributes. The events can be deliberate, accidental or the result of the normal evolution of the community. The internal events can be decomposed into two categories:

  1. Community features: This includes any changes related to the community attributes like content, structure, users, performance, etc (e.g., drop in community members or new joiners)
  2. User features: This includes any changes related to the user attributes including role, connections, position (e.g., change of role, network centrality or activity level)
The ISO 31000 risk management process consists of the following phases: communication and consultation, establishing the context, risk assessment (identification, analysis, and evaluation), risk treatment, monitoring and recording. The next section discusses how the Community Analysis Tool developed in ROBUST supports these different phases.

The ROBUST Community Analysis Tool (CAT) is a web-based system for defining and monitoring online communities and their associated risks and treatments. In addition to many visualization features, this tool builds on top of many components that assess risks and opportunities called Predictors [14] orchestrated by an Evaluation Engine, a Treatment Centre for risk treatment and Simulation Centre for analyzing what-if scenarios. We will go through a simple workflow of specifying, monitoring and managing a risk using this tool.
The workflow starts with defining the source of the community data and its objectives. The community data can be a data snapshot or a live data stream of users’ activities. Once the online communities have been defined, the user may then access functionalities such as the Risk Editor, which provides the facility to define a risk or opportunity. Here, information such as the title, owner, scope (community level, user level, etc.). Moreover; the risk event, impact, schedule and treatment are also defined using the risk editor (Fig. 1). More information about each functionality is shown in the following screenshots.

Fig. 1. CAT Risk Editor browse view

The event information is provided directly from the supporting Predictor Service (Fig. 2). For instance, the CM Predictor service shown in (Fig. 2) can estimate the likelihood of five events. One of them is the event “decrease in percentage of a role”. The event is specified in terms of pre and post-conditions of community and user features values. While the pre-condition is optional, the post-condition is mandatory. For the above event, the post-condition is a condition on the value of the percentage decrease (e.g. percentage >50%). In other risks, the definition of both pre and post conditions may be necessary. For instance, consider a risk of user changing their role in the community, the pre-condition could be ‘contributor’ and the post-condition ‘lurker’.

Fig. 2. CAT Risk Editor event prediction view

The editor allows the modification of any configuration parameter required by the specific predictor service (e.g. forecast period, number of iterations). This allows adjusting the behavior according to the required event.
Each risk or opportunity will also refer to impacts on the objectives of the community for which it is defined; the Risk Editor allows the risk manager to select one or more objectives (e.g. Quality of experience) and indicate the relative potential impact (positive or negative) the risk may cause, should the event occur (Fig. 3). This information allows prioritizing the monitored risks according to their impact on the objectives.

Fig. 3. CAT Risk Editor impact definition view

The defined risks and opportunities are then stored in the Risk Registry. The Evaluation Engine collects this information and proceeds with calling the corresponding Predictor Services in order to assess the event likelihoods.
The results are returned to the Dashboard and are also stored in the Risk Registry for future analysis and reference. The Dashboard presents the status of the community, utilising multiple visualisation views for presenting information to the risk manager that should help them determine the `health' of their respective community. An example of a visualisation provided in the Dashboard is the risk matrix (Fig. 4), which shows the likelihood of the risk on the vertical axis and its impact (positive or negative) on the horizontal. Currently, it takes a conservative view on risks and opportunities impacts i.e. when multiple objectives are affected, the matrix displays the worst negative impact and the least positive one.

Fig. 4. CAT Risk Matrix view

Additional management functionality within the Risk Editor includes the selection of available treatment plans to be enacted by the Treatment Workflow Engine. The workflow is encoded by the risk/community manager and assigned to the risk or opportunity (Fig. 5).

Fig. 5. CAT Risk Editor treatment selection view

When a risk (or opportunity) level (likelihood x impact) exceeds an acceptable level, the treatment plan needs to be undertaken to manage it (mitigate, avoid, enhance, exploit, etc). The ROBUST CAT system provides capabilities to specify and enact treatment plans, which are presented using the graphical Business Process Modelling Notation (BPMN) [15] and formally specified using the BPMN 2.0 standard). Treatment plans may contain both human actions and simulation activities that should be run during the course of the workflow. If the risk level exceeds an acceptable threshold, the Treatment Workflow Engine will be invoked with one or more treatment plans selected by the risk manager.
The plan may contain automated actions run by the Treatment Workflow Engine or manual tasks and decisions carried out by the community owner. At the point where the risk manager wishes to address a risk or opportunity, the CAT system will interactively guide her through a set of recommended work-flow plans she assigned to the risk during its definition. The Simulation Centre includes agent-based simulations that allows the risk manager to investigate “what-if” scenarios. This is useful for instance when the treatment effect is not certain. The Simulation Services can provide information about the community’s future state if such a treatment action has been taken. One of the simulations developed in the ROBUST project addresses the simulation of community state under multiple policies (e.g. order forum threads by size or by last-updated).


The ROBUST project addresses the risk and opportunity management in huge-scale business communities. This paper investigated the current practices of community management and showed the need for a new generation of tools focusing on proactive management. ROBUST supports on-line community risk and opportunity identification, specification, assessment, monitoring and communication. The prototype of the CAT tool and its capabilities were presented to show how risks are defined, assessed, monitored and managed. This tool allows proactive management of the community and thus allowing the community manager to be better prepared to rectify problems or exploit opportunities.
The first release of the tool is available at:
A live demo version is available at:
Supporting the SIOC [16] ontology is currently in progress to ensure that the ROBUST tools are portable to any community.


[1] A. Mocan, F. Brauer, and W. Barczynski. (2011) D8.1:Provisioning and preparation of the SAP Community Network Data. EC FP7-ICT ROBUST Project. [Online, last access: May 2013]. Available:

[2]    I. Ronen, S. Ur, and I. Guy. (2011) D7.1: IBM Employee Network Data and Requirements. EC FP7-ICT ROBUST Project. [Online, last access: May 2013]. Available:

[3] R. Happe, “Announcing the 2012 State of Community Management Report”, [Online, last access: May 2013]

[4] McKinsey, “The rise of the networked enterprise: Web 2.0 finds its payday”, [Online, last access: May 2013]

[5] M. Boniface, J. Pickering, E. Meyer, C. Cobo, A. Oostveen, B. Stiller, and M. Waldburger. (2011) D3.1 First Report on Social Future Internet Coordination Activities. EC FP7-ICT SESERV Project. [Online, last access: May 2013].

[6] Simply Measured, [last access: May 2013]

[7] Sysomos, [last access: May 2013]

[8] Facebook Insights, [last access: May 2013]

[9] T. Humbarger, “The Importance of Active Community Management Proved With Real Data,” [last access: May 2013]

[10] B. Nasser et al. (2011) D1.1:Representation of Risks in Online Communities. EC FP7-ICT ROBUST Project. [Online, last access: May 2013].

[11] R. Happe, “The 2010 State of Community Management Report. Best Practices from Community Practitioners”. [last access: May 2013]

[12] “Announcing the 2011 State of Community Management Report,” [Online, last access: May 2013]

[13] ISO/IEC, 31000:2009 Risk management - Principles and guidelines, ISO Std., 2009.

[14] J. Fliege, et al. D1.2: Risk Monitoring and Tracking in Online Communities. EC FP7-ICT ROBUST Project. [Online, last access: May 2013].

[15] T. Baeyens et al., “Activiti Business Process Management platform,” [last access: May 2013]

[16] SIOC, “Semantically-Interlinked Online Communities,” [last access: May 2013],

Dr Bassem Nasser is a Senior Research engineer at the IT Innovation Centre, Southampton. His main research interests include Trust and Security, Risk Management, Identity Management and Social Media analytics. At the IT Innovation Centre, Bassem is currently leading EU OPTET project addressing trust and trustworthiness in socio-technical systems as well as the EU ROBUST project addressing risks and opportunities management in huge scale online communities. Bassem has published over 30 papers in journals, conference proceedings, technical books and workshops.

Dr Vegard Engen is a research engineer at the IT Innovation Centre, currently working in the areas of Cloud computing, risk management and web science. Recent research focuses on proactive risk management in online communities, service level agreements, quality of service, resource provisioning and adaptation for interactive future internet applications. With a background in artificial intelligence, Vegard has also researched and delivered machine learning solutions applied to a range of real-world problems ranging from network based intrusion detection to medical diagnosis.

Paul Walland has over 25 years experience in the leadership of research teams in a wide range of UK based commercial organisations and academia.  He joined The IT Innovation Centre in 2006, where he acts as principal investigator on a number of EC and UK funded projects. Prior to this, Paul was Projects Group Manager responsible for research at Snell & Wilcox Ltd, UK, where he initiated and led a wide range of UK and European research projects in the field of digital video and multimedia.  He has chaired workshops, conferences and working groups as well as publishing widely at international conferences and in technical journals.