Exiting a crisis, the governance framework is a critical area of an operational resilience program that should be reassessed.
While a governance structure may have survived barely intact during a multiyear crisis like a pandemic, it may not be the type of operating model that's needed for the future. Reflecting on the operational governance framework can shed light on:
- New definitions or standards for effective governance.
- Processes that need optimization.
- Staff or business units that require reinvestment.
- Changes necessary to board oversight.
- Much more.
What Is a Governance Framework?
A governance framework is the architecture, systems, and management methodologies businesses implement to achieve a number of critical goals, such as:
- Information security and regulatory compliance.
- Project management and change management efficiency.
- Risk management and data governance efficacy.
- Internal control and business process enforcement.
The governance framework, or governance model, mandates how each business unit interacts within itself and in relation to others. It's the playbook for stewarding success.
Corporate governance defines the standards, protocols, process owners, decision authority, and oversight necessary to accomplish strategic goals and collective business objectives. Without a framework dictating the operating model at all levels of the business, decision-making is less effective, risk is more likely to be exposed, and the organization as a whole is less agile to market changes.
Operational Governance Framework: Review the Past for a Future Roadmap
Organizations without an existing operational governance framework can use a business crisis as a foundation for building out something formal. Similarly, companies can use this time to optimize as needed.
When reviewing the strength and weaknesses of the governance program, include the following six steps:
1. Assess the Effectiveness of Board Oversight
Board and senior management should own the operational resilience plan, and the oversight structure should provide them the ability to make quick, strategic decisions in times of crisis.
2. Analyze the Impact of Communications to Employees and Customers
A crisis naturally breeds uncertainty among all stakeholders; it is crucial for management to maintain open lines of communications regarding response actions taken.
3. Consider the Amount of Collaboration Across Departments
Operational resilience governance should break down organizational silos and allow for coordinated responses.
4. Assess the Effectiveness of Escalation Procedures
To enable a rapid response by senior management, any breaches of risk or impact tolerances should be escalated in a timely manner.
5. Assess the Effectiveness of Training and Awareness Programs
Relevant employees should be prepared and proficient in executing the operational resilience action plan.
6. Review the Clarity of Roles and Responsibilities
Critical personnel/departments should be aware of the role they play in maintaining critical operational capabilities and the dependencies by other personnel/departments.
An effective governance framework provides the foundation to build resilience across all parts of the organization and bring together the individual operational resilience programs of each organizational silo.
Interested in learning more about managing post-pandemic risks and requirements?
Download our guidebook for a roadmap for leaders to decisively deploy actions that correspond to the shape of the future-state economy, all while mitigating new and emerging cyber and operational risks.
Editor's note: Updated February 2022