This article looks at the Board’s involvement in managing enterprise culture.
Deloitte has shared an interesting and useful piece, Corporate Culture and the Board.
It includes a definition of culture that I have seen before and makes sense:
In the corporate context, culture is a system of values, beliefs and behaviors that shape how things get done within the organization.
They make an important point when they say:
Culture matters, because a strong, positive corporate culture provides a framework not only for risk mitigation, but also for both short- and long-term value creation. It aligns values, goals, behaviors, and systems throughout the organization in ways that can have favorable impacts, both internally (for example, through positive employee engagement or by facilitating optimal performance or a strong safety record) and externally (through positive branding, reputation and competitive advantage).
On the other hand, a damaged or broken culture can create dysfunction throughout the organization and create risk to critical assets, including brand reputation, intellectual property, and talent. As recent developments demonstrate, these and other negative impacts can destroy value and, ultimately, the organization itself. An important takeaway from the above is that a strong, positive culture is an important asset of any organization that should be supported and protected. It is not merely a “soft” issue of interest to investors and the media; rather, it can be critical to the company’s growth and performance.
Deloitte suggests 10 questions for the board to consider. I have a different set. These are questions the board should ask of management—putting the emphasis on management’s responsibility to run the organization, while the board provides oversight and obtains assurance that management is doing a good job.
- How have you defined the culture you want the organization to have?
- Does it include all forms of desired (and less desired) behavior?
- How have you communicated this to everybody involved in the organization’s success?
- How have you ensured everybody understands?
- Are there repercussions for unacceptable behavior, even if there is no breach of law?
- How do you know whether behaviors across the organization reflect the desired culture?
- What is the level of noncompliance, how do you know, and is it acceptable? If not, what are you doing about it?
- How often is culture discussed, measured, and who is involved?
- Do our employees agree our stated culture is appropriate and is in place? How do you know?
- How can you keep us assured of an appropriate culture, especially as the environment changes, including the onboarding of new management and staff, completion of acquisitions, and so on?
Please see this earlier post, How do you manage culture?
What do you think?
I welcome your comments.
Norman D. Marks, CPA, CRMA
He retired in early 2013. However,he still blogs, writes, trains, and speaks – and mentors individuals and organizations when he can.
Latest posts by Norman D. Marks, CPA, CRMA (see all)
- Selecting software for risk management - August 18, 2021
- Talking sense about the audit committee - July 21, 2021
- IT audit and IT risk - June 16, 2021
