If someone were to pose the question: Does governance monitor and manage risk, or is governance itself a category of risk that requires monitoring and management? This might seem like a trick question, akin to the classic “chicken or the egg” riddle. Attempting to establish a sequential order is futile. Instead, we should acknowledge and harness the symbiotic relationship between governance and risk, recognizing them as complementary disciplines.

I like to think of governance and risk as two sides of the same coin. You cannot have one without the other; they are inseparable. However, this analogy feels incomplete as it doesn’t account for a critical dimension: the role of compliance and ethics.

In everyday terms, compliance means adhering to rules, regulations, and policies. But there may be situations where “compliance with the rules” might require individuals to do something they wouldn’t choose to do if given a choice. Despite an abundance of rules and regulations, a person’s ethics, based on their values, strongly influence whether they comply genuinely or only superficially.

Furthermore, rules and regulations cannot cover every possible situation a person may encounter. While compliance is about doing things right, ethics can be seen as doing the right things, even exceeding what rules and regulations demand. Hence, both compliance and ethics play vital roles in the realms of governance and risk.

To draw an analogy, consider the combination of governance, risk, compliance, and ethics as similar to driving a car. Governance functions as the steering wheel, setting the direction much like an organization’s strategy. Risk management, on the other hand, serves as the accelerator and brake pedals, ensuring that the journey is not only swift but safe and under control, much like reaching a desired destination promptly and securely. However, reaching the destination is only part of the story. Equally important is how the car is driven, considering both compliance with the “highway code” or “rules of the road” (e.g., stopping at red lights) and the consideration of other drivers (e.g., yielding the right of way when it’s courteous).

To achieve desired outcomes, individuals must assume a holistic approach that integrates governance, risk, compliance, and ethics. By doing so, organizations and individuals empower themselves to meet stakeholder expectations while upholding values like transparency, accountability, probity, and sustainability – elements we will explore in future articles.

By recognizing the inseparable connection between governance and risk and the pivotal roles of compliance and ethics, we create a comprehensive framework that ensures not only success but also sustainability. Integrating these facets harmoniously paves the way for achieving stakeholder expectations and, in turn, fostering transparency, accountability, probity, and sustainability.