A Closer Look at Governance


In my last blog post, I promised a look at the elements of governance — a logical next step. Back in December 2007, in the "Governance Perspectives" column of Internal Auditor magazine, I wrote about auditing governance. The article included a sidebar that showed where I see the primary governance activities occurring. Today, I want to review that and go a little deeper. I will use a definition of governance as including the activities of the board and its committees, plus those of the internal audit function and an ethics/compliance officer.

First, here is a functional view of responsibilities:

Full Board

  • Board structure, objectives, and dynamics.
  • Hiring of top executives.
  • Assessment of CEO performance.
  • Oversight of organizational strategy, budgets, risk management, operational performance, acquisition success.
  • Delegation of authority.
  • Tone at the top.


Governance Committee

  • Board committee structure, charters, memberships.
  • Board and committee self-assessment.
  • Board education and training.
  • Awareness of governance best practices.


Nominating Committee

  • Hiring process for new directors.


Compensation Committee

  • Executive assessment and compensation.
  • Incentive programs.


Audit Committee

  • Ethics policies.
  • Whistleblower process and investigations.
  • Awareness and understanding of ethics policies and whistleblower process.
  • Oversight of external and internal auditors.
  • Oversight of financial reporting.
  • Oversight of financial forecasting.


Internal Auditing

  • Assurance over the adequacy of governance and risk management processes, and related controls.
  • Consulting services to add value and improve governance and risk management processes, and related internal controls.


Ethics/Compliance Officer

  • Ethics policies.
  • Whistleblower process and investigations.
  • Awareness and understanding of ethics policies and whistleblower process.
  • Compliance audits.
  • Reporting to the board and executive management.


Other

  • Shareholder meetings.
  • Shareholder communications.


A second view is by COSO layer:

Control Environment

Board of Directors

  • Corporate organization, strategy, tone, delegation of authority.


Audit Committee

  • Oversight of external auditing and internal auditing, reviews of financial reporting, etc.; ethics program oversight.


Compensation Committee

  • Executive compensation.


Governance Committee

  • Board structure, etc.


Risk Assessment

Board of Directors

  • Oversight of risk management.


Audit Committee

  • Reviews of financial reporting and financial management risks.


Control Activities

  • Annual ethics certifications.
  • Budget approvals.
  • Preparation of materials for board or committee review (by extension).
  • Recruiting of C-level executives and directors.


Information and Communications

  • Shareholder meetings.


Monitoring

Board of Directors

  • Reviews of operating performance and executive performance.


Audit Committee

  • Oversight of external reporting, external auditors, internal auditors, etc.


Governance Committee

External Auditors

Internal Auditors


Is this consistent with your view of the elements of governance?

 

 
