Published: 18 Jul 2016
Governance is the first element in the CQI's Competency Framework. Here's why we believe it's so important for auditors.
Good governance lies at the heart of all successful organisations. It helps protect against poor decisions and can transform performance from top to bottom. Poor governance exposes organisations and their stakeholders to increased financial, reputational and operational risk, as evidenced by recent quality failures such as the horsemeat scandal and the banking crisis in the UK.
The CQI's Competency Framework recognises the importance of achieving good governance. Governance appears as one of three headline areas of activity (the other two being assurance and improvement) that all quality professionals must be able to demonstrate competency in. We must all understand the essentials of governance and be able to differentiate the good from bad.
The Competency Framework associates two key questions with governance:
- Is management intent defined?
- Is management intent fit for purpose?
As management systems auditors, we are well positioned to ask these questions of any organisation and assess the validity of an organisation’s response. But what exactly should we be looking out for?
Is management intent defined?
As auditors we would expect to find objective evidence that an organisation was using appropriate methods to establish its stakeholder needs, expectations and views.
In Annex SL parlance this equates to ‘determining the interests of relevant interested parties’. As the relevant interests of relevant interested parties change through time, we would also want to assure ourselves that a mechanism is in place to periodically monitor and review the results.
We would then expect to see top management ensuring that their policies, processes and plans have been produced with consideration of interests of relevant interested parties. Any objectives the organisation sets must be consistent with policy and evidence should exist that further demonstrates that the organisation is evaluating its risks and opportunities.
Following this investment in planning, we would wish to see evidence that the organisation had successfully translated this learning into process management capability. The organisation should be able to demonstrate that its core processes are owned, defined, implemented and being improved, and are consistently delivering the intended results. However, constantly delivering the intended results is not sufficient proof of good governance. This brings us on to the second question.
Is management intent fit for purpose?
It’s not sufficient for the organisation to simply be generating the outcomes it intends to generate. A critical consideration is whether these outcomes are what the organisation’s stakeholders really want – ie is the management intent fit for purpose?
As auditors we must seek to ensure the organisation’s policies, processes and plans
are effective in meeting stakeholder expectations, removing variation, minimising business risks and maximising opportunities. We also need to ensure that the business management system is being continually assessed and improved, as without this self-assessment and action on the resultant learning, even market leading organisations can get left behind.
We must determine whether top management is displaying the values they prescribe through their behaviour and whether they are actively developing the capacity and capability of the organisation to become effective. We would also expect to see individuals performing effectively in defined roles with clear accountabilities.
Spotting good or indeed poor governance should not pose too much of a challenge for the experienced auditor. The indicators above are pretty much those we currently consider, or will shortly be required to consider, as Annex SL-based standards become the norm. The jump we need to make is to move away from simply reporting poor governance to participating in tackling it. As the Competency Framework reminds us – we need to become agents for change.
Richard Green is Interim head of member services at IRCA.