Should governance be top-down or bottom up?
I have always wondered about top-down approaches to something that is expected to live in the DNA of corporate operations.
Analysts, ‘experts’, auditors and compliance/risk gurus have always talked about how important it is to have the ‘tone-at-the-top’ to define a culture of accountability down the ranks. What such paradigms suggest that leaders and role models set example and subscribe to accountability on all levels of the organization. These ‘parables’ fail to address or recognize the ‘force from within’ that needs to be kicked up to get acceptance of and support for the tone-at-the-top. Shouldn't we think of a push and pull strategy? Maybe it makes sense to recognize all forces from all directions that contribute to success of any program or culture.
Motivating and rewarding workforce to comply with a program such as GRC is very capitalistic thinking and an approach that needs further review before it is expected to meet or exceed any metric.
It's not clear what you meant by "capitalistic thinking", and whether you infer that it's a good or a bad thing.
ReplyDeleteDepending on your meaning, I disagree with your final paragraph.
Sumner
I suppose you want to say that GRC might not simply work only because financial incentives are given to the people involved? In this respect it is possible that the "soft" part of GRC underlies the same issues as e.g. knowledge management; but accountability for risk management and compliance can be assigned to distinct members of the organisation.
ReplyDeleteTrue that we can't disregard information coming bottom-up, but the primary driver still needs to be top management imho. Otherwise you will end up with inconsistent, siloed approaches.