Risk management is also an important director duty. Risk can be grouped into three types, all of which relate to the effectiveness in driving strategy:
- risk that directly affects the organisation’s growth,
- risk that is normally off the radar where there is low probability but high impact to the organisation, or change risk, and
- operational, or business-as-usual risk
Many boards have adequate risk controls for 3 as this tends to be more conformance in nature. When all are taken together, the director duties of performance, conformance and risk management ultimately require effective board governance measures which I discuss later.