GRC - Governance, Risk and Compliance

From Business Agility Library
Jump to: navigation, search
Business Agility Library Logo.png

Governance supports the organisation, by ensuring consistent management, cohesive policies, overall guidance, and decision-rights for a given area of responsibility. Though the structure, roles and policies may differ from traditional organisations, business agility uses these same governance mechanisms and controls.

Good management is about getting hundreds, if not thousands, or hundreds of thousands, of your employees all working in harmony towards a common goal. In most organisations, employees work on behalf of the shareholders, via the Board of Directors. All but the smallest of companies need strong governance processes to ensure consistent outcomes in-line with the expectations of the Board. Corporate governance defines these relationships, and provides the processes to ensure managers make appropriate business and financial decisions, managing staff and their deliverables, and adequately controlling quality processes.

There is no single model of good business management or corporate governance[1]. However, across the many approaches, including business agility, there are common themes, independent of industry, country or structure.

Corporate governance specifies the instruments to define, achieve, and measure your corporate objectives, in the interests of the company and its shareholders. Good corporate governance also puts in place appropriate monitoring controls, to ensure that the Board and executive bodies are actively pursuing these objectives.

Most organisations define governance through organisational structure, roles and responsibilities, and formal policies. Governance can also mean ‘external governance’; strict controls and policies imposed on an organisation by external parties. These can include:

  • Legislation; such as workplace relations, or occupational health and safety.
  • Specific industry standards and frameworks; such as CMMI®, ISO9001, ISO20000, ISO38500 or the OECD Principles of Corporate Governance.
  • Government and industry regulation; such as financial or tax regulation.
  • Shareholder requirements and expectations.

Business agility is nothing, if not adaptable. If compliance with a specific regulation conflicts with your business agility goals, adapt your goals and governance processes.

Business agility also provides built-in verification points, to ensure governance compliance. These include:

  • Escalation of decision approval to appropriate levels
  • Transparency and oversight of decisions
  • Reporting to external agencies
  • Providing, and archiving of, documentation
  • Formal audits of business practices.

All governance processes need to balance the needs of diverse stakeholders, including; shareholders, regulators, corporate functions, and internal departments. For the interests of these stakeholders to be satisfied, there needs to be an alignment of corporate interests and objectives. Misalignment comes in many forms, including differing backgrounds and priorities, complex or overloaded governance controls, different management values and principles, or just the complexities of running a large multisite, or multinational, organisation.

All business agility processes aim to establish shared objectives and improve communication, but the most important feature is that they have built-in automatic alignment and re-alignment features. These include feedback-driven process adaption, empowered workers, self-organisation, collaboration and regular delivery.

At the end of your business agility transformation, you will have a set of processes that encourage broad collaboration across your business, including integration with corporate strategy and other core corporate governance mechanisms.



  1. OECD Principles of Corporate Governance, Organisation for Economic Co-operation and Development (2004).

Join the Business Agility GRC Community

If you'd like to continue the conversation with like minded individuals around Business Agility in Governance, Risk and Compliance, join the GRC Alliance via Slack. Specifically join the #governance-track channel.

GRC Alliance
Business Agility Slack Community

Library Steward

The content in this section has been brought together and curated by the great folk within the GRC Alliance. The stewards of the Business Agility Library are leaders in their field and we quite literally couldn't create such amazing content without their support. These organisations are leaders in the community and, through their actions and insights, continue to expand the horizon of business agility for us all.

GRC Alliance Logo