Assignment: CORPORATE GOVERNANCE AND RISK MANAGEMENT
Introduction and assessment task
Actions are dictated by values. Identifying organisational values - both proclaimed and actual - will assist an organisation to ensure that most, if not all, its actions are commensurate with these values, and enable it to put in place a robust structure to support the ‘operationalisation' of its values.
Many governance and risk management problems for multinationals and companies trading far from their home base, for example, arise because of differing value systems. A governance and risk management audit helps an organisation to establish clear guidelines about the limits of acceptable behaviour which are consistent world-wide, while recognising where appropriate local social differences. In other words, a governance and risk management audit articulates the core values of an organisation, and assesses the consistency of their internal and external application: internal with respect to what the company or organisation says about itself in its various documents, such as statements about mission and conduct; external with respect to how they act in their host societies and internationally.
A governance and risk management audit always begins internally, with a review of ‘paper', ‘processes' and ‘people.' The findings of the audit are then tested out with stakeholder groups, to ensure that the values base is one which is shared by, or at the least acceptable to, key stakeholders. The results provide important management information and can (and ideally should) be used to report on the organisation's social and/or governance performance, either as part of the Annual Report or as a supplementary report.
In this assessment, you are asked to conduct a governance and risk management audit of an organisation with which you have had some association. It could be a large company, a family business, a school, a hospital, a not-for-profit organisation. It could be any organisation that provides a service or conducts any form of social activity that involves:
In this assessment, you are asked to conduct a values and risk audit of an organisation with which you have had some association. It could be a large company, a family business, a school, a hospital, a not-for-profit organisation. It could be any organisation that provides a service or conducts any form of social activity that involves:
1. Some form of statement about what it does and its commitments. This could be a company or organisational mission statement; or marketing material; or any document in which the organisation defines its commitment to abiding by the law, or certain moral codes, or specific cultural or communal commitments. In other words, anything that articulates what the company/organisation stands for with respect to governance and social responsibility. It might be as generic as saying, as Google does, "do no evil", or as specific as BHP Billiton's commitment to observing best practice in land remediation of spent mines;
2. Some level of financial management and accountability. This can be at a very high level for a large company, or very modest in a small family business. Either way, there has to be some level of financial or resource accountability, and some level of responsibility for what the organisation does in the conduct of its activities;
3. A recognised set of risks to the organisation's well-being, or to the interest of its stakeholders, that are articulated in some way, whether in the form of an organisational risk management strategy, or some other less formal method of assessing and addressing organisational and/or stakeholder risks.
4. A defined set of services or products. That is, the organisation's outputs - what it offers its client or customers;
5. A customer or client base. There must be some customer or client base for the audit to make sense, and this needs to be identified, namely, who the organisations serves or supplies.
6. Some level of management structure or identifiable managerial accountabilities responsible for organisational governance and risk assessment and management. For our purposes, an anarchic group of people just doing things for the sake of it to help others, or themselves, but with no formal structure, is not a suitable subject for this exercise. There must be some specific roles and accountabilities, even if poorly defined.
What you are asked to do is to conduct a mini-audit of the organisation that describes the above elements, analyses how well and appropriately the organisation manages its stated governance and risk management commitments and provide a set of recommendations on how the organisation may enhance its governance and risk management performance.
First read the below to give you a better idea of the big picture, so to speak. Note: you are NOT expected to conduct a full governance and risk management audit with detailed interviews and in-depth analyses of organisational documents.
What you are asked to do is a ‘mini-audit' in which you select an organisation and:
1. Give an overview of the organisation - what it does and how it promotes itself to its shareholder (where relevant) and stakeholders, through official documents, policies, procedures, and advertising. Provide evidence in the form of attachments, but only important documents, or selections that make your point. Don't go overboard with attachments and evidence; just enough to make your point, and no more.
2. Clearly state the ‘advertised' values of the organisation - what it says it stands for. Where these are unclear, try to tease them out.
3. Describe the processes the organisation has in place that promote, monitor, review, action its value commitments. Again, you can't do everything, so be selective. In your general overview of the organisation's value commitments, you can state that the organisation is committed to x, y and z, but focus only on z, for example. In other words, don't be too ambitious. You don't have much time to complete what could be quite a detailed exercise. So, focus on something that is representative of the company's values commitment (or otherwise!).
4. Review the history of the organisation over the recent past, say, 5 years. You don't have to be rigid about this. If 10 years is a more appropriate frame of reference, then that's fine. What you are looking for here is the extent to which the company has been true to its commitments. What evidence can you find one way or another? Remember, corporate governance and/or CSR undertakings are major value commitments of an organisation and are absolutely central to this assessment.
5. If possible, interview a few key stakeholders for their views. This is not always possible, but may be very relevant in some circumstances. This is up to you. You do NOT have to interview anyone. But if you can, and if it is relevant, then this would be a good way to get more data on the organisation's fulfilment or otherwise of its value commitments.
6. Draw some conclusions about the company's integrity (more on this below). In other words, discuss what you have found. No need to be definite or definitive, since this is only a mini-audit. But it can be indicative, and serve as the preliminary study for a much deeper investigation. In other words, this is ‘audit lite', so to speak, in which you do a fairly quick and succinct review of an organisation to see if there is anything that would lead you to look more deeply.
7. You need to be specific about the things you find that indicate organisational integrity, and those that indicate organisational hypocrisy. You are not asked to solve the problems you find, but once you have identified key issues, discuss them in light of the key issues covered in the unit.
8. You do not have to provide heavy academic referencing, but where possible, draw on examples from the readings and unit guide, and any other sources that you believe to be relevant. Again, no need to go overboard. Just cite those sources and references that you have actually used; not a long list for the sake of impressing the marker - the opposite will be the case. You will get good marks for authenticity and sound analysis.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.