What Is Organizational or Corporate Governance?
The international standard on social responsibility, ISO 26000, defines organizational governance as "a system by which an organization makes and implements decisions in pursuit of its objectives." Governance systems include the management processes designed to deliver on performance objectives while considering stakeholder interests.
The Global Association of Risk Professionals (GARP) highlights the importance of concepts such as credibility, transparency, and accountability in establishing effective governance. Corporate governance is, GARP notes, "doing the right things for the organization and doing things the right way independent of personal interests." In this context, "organization" can refer to many different types of groups. For example, a business, an institution, a professional society such as ASQ, and even a family may be considered an organization. Governance is applicable in these types of organizations.
The United Nations Economic and Social Commission (UNESC) indicates that the eight major characteristics of good governance are that it is "participatory, consensus-oriented, accountable, transparent, responsive, effective and efficient, equitable and inclusive, and follows the rule of law. It assures that corruption is minimized, the views of minorities are taken into account, and that the voices of the most vulnerable in society are heard in decision making. It is also responsive to the present and future needs of society."
While governance starts at the top, different structures have to exist to ensure that decisions and accountabilities are carried throughout the enterprise or organization. Table 1 compares models of good governance and shows that regardless of the model, good governance is a byproduct of the values or principles an organization adopts, the strategies it puts in place to set direction, the policies it creates to establish boundaries, and the processes it applies to conduct operations.
Table 1: Comparison of ISO 26000 to UNESC Governance Models
Governance, Risk, and Compliance (GRC)
Governance, risk, and compliance (GRC) are increasingly being treated as three parts of a single integrated framework with the purpose of providing a holistic view of organizational performance.
Business risks need to be identified, measured, mitigated, and controlled within the context of a management system. Compliance refers to the scope of regulations, legal requirements, industry standards, and business rules that organizations must not only adhere to and abide by, but whose fulfillment they must also demonstrate.
As GRC management systems become more robust, they can add business value to organizations by improving operational decision making and strategic planning. By incorporating GRC considerations into a social responsibility management system, the organization can more effectively manage its social responsibility influence.