The Institute of Enterprise Risk Practitioners (IERP®) is the world’s first and leading certification institute for Enterprise Risk Management (ERM).

Image Alt

IERP® International Institute of Enterprise Risk Practitioners

  /  Blog   /  Is Enterprise Governance a board or management issue?

Is Enterprise Governance a board or management issue?

While quite a substantial amount is known about Enterprise Risk Management (ERM), significantly less is known about Enterprise Governance (EG) – perhaps because EG is a much later construct in the corporate management pantheon. It also explains why little is known or realised about what EG can do for organisations. The International Federation of Accountants (IFAC) describes it as the responsibilities and practices exercised by the board and management to provide strategic direction for the organisation, but this may be a bit too general because EG actually goes beyond just “providing strategic direction.” EG has far-reaching implications and consequences, and, if done right, is capable of pushing the organisation to the top of the class.

EG basically supports and evaluates board performance and provides a feedback loop into strategy and execution. Currently, there is a myriad of tools and apps to gauge how management is doing but other than the tacit approval – and increments – of directors’ fees, what other way is there to measure how directors are performing? Are they effective in their positions? Are they doing what they are supposed to do? How can shareholders and stakeholders tell? EG generally consists of two parts: conformance and performance. Conformance is similar to corporate governance, and is more concerned with compliance with rules, regulations and requirements. Performance, on the other hand, shows how good the board has been about making its strategy work.

That implies, of course, that the strategy is a workable one, but EG is not as straightforward as handing over a set of procedures to management to be followed; it is also about using the firm’s resources and capabilities responsibly and with full accountability. Effective EG will produce sustainable revenue and create value for the organisation, thereby increasing its competitive edge. Organisations are increasingly evaluating board performance, using an EG framework to do so. This framework assesses risks and manages them using the organisation’s resources, as part of the board’s task of establishing the organisation’s risk appetite, its key performance drivers and key decision-making points.

The board does this in collaboration with management, over which it exercises oversight. Research has shown that the lack of EG in many cases underpins strategic failure because good corporate governance on its own is not enough to create success for the organisation. A firm’s conformance, i.e., adherence to rules, regulations and requirements, must be balanced with its performance – the tools, techniques, frameworks, processes, procedures and other resources which it applies towards maintaining itself as a going concern. The performance part of EG is not easy to identify or manage as it involves many elements that are not immediately obvious and may require a different approach.

Many companies do quite well when managing the conformance element but fall short when it comes to strategising. Admittedly, it is not easy to police or apply oversight to yourself, which is what EG requires of the board. You have to keep asking yourself, “Is this the right thing to do?” and “Did we make the right decision?” or “Is this strategy working?” – and be prepared to make an abrupt about-turn if it isn’t! Of course, a small committee within the board could be tasked with this sort of oversight but ultimately, the board will have to make the hard decisions. It is hard to know when you’ve hit the sweet spot, where conformance and performance are in balance.

Properly developed, the framework of EG takes into account both corporate and business governance, supports the board in making strategic decisions while understanding the organisation’s risk appetite, its strengths and weaknesses; and, leveraging on its resources, guides it correctly towards achieving its objectives.

    Name (required)

    Email Address (required, business email address only)

    Mobile Number (required)

    Company (required)

    Designation (required)

    Preferred Contact Method: (required)

    CallEmail

    What is the biggest challenge in your job/industry

    Which modules are you interested in? (required)

    Managing ESGMechanics of ESGEnterprise Risk Management

    Message

      Name (required)

      Email Address (required, business email address only)

      Mobile Number (required)

      Company (required)

      Designation (required)

      Preferred Contact Method: (required)

      CallEmail

      What is the biggest challenge in your job/industry

      Message

        Name (required)

        Email Address (required, business email address only)

        Mobile Number (required)

        Company (required)

        Designation (required)

        Preferred Contact Method: (required)

        CallEmail

        What is the biggest challenge in your job/industry

        Which modules are you interested in? (required)

        Evaluating Risk and Internal ControlCorporate GovernanceEstablishing a Cybersecurity FrameworkEnterprise Risk Management

        Message

          Name (required)

          Email Address (required, business email address only)

          Mobile Number (required)

          Company (required)

          Designation (required)

          Preferred Contact Method: (required)

          CallEmail

          What is the biggest challenge in your job/industry

          Message

            Name (required)

            Email Address (required, business email address only)

            Mobile Number (required)

            Company (required)

            Designation (required)

            Preferred Contact Method: (required)

            CallEmail

            What is the biggest challenge in your job/industry

            Which modules are you interested in? (required)

            Digital Risk Management and DisruptionMechanics of CyberSecurityEnterprise Risk Management

            Message

            User registration

            Reset Password