Governance & policies

The Governance & Policies building block defines the rules, decision-making structures, and compliance standards that guide how the organisation operates. It covers formal governance bodies, escalation paths, and the policies that set boundaries for behaviour, risk management, and compliance. This view ensures the organisation acts in a consistent, ethical, and legally compliant way while enabling effective execution of its strategy.

Why it's important

Without clear governance, decisions become slow, inconsistent, or overly centralised. Without policies, there is a risk of non-compliance, inefficiency, or conflicts in ways of working. Governance & Policies create the guardrails that keep the organisation aligned, accountable, and safe, while still leaving room for flexibility and innovation.

Interactions with other building blocks

Organisation – Governance defines how the structure is steered and controlled.
Processes – Policies influence how processes are standardised and audited.
Systems & Technology – Governance requires reliable data, controls, and compliance features in systems.
People & Capabilities – Policies shape behaviours and expectations, while governance defines accountability.
Performance & Metrics – Governance uses metrics to evaluate performance and trigger actions.

Common challenges

When defining this building block, key questions include:

What governance bodies are needed (e.g. boards, committees, councils)?
How are decision rights allocated between central leadership, line management, and network structures?
What policies are required to ensure compliance with regulations and internal standards?
How do governance structures support alignment without slowing down delivery?
How are risks and escalations managed?
How do we ensure governance adapts as the organisation evolves?

Our vision

We believe in lean governance, for example by implementing lean portfolio management.
We believe in decentralised decision making. Certain decisions still need to be taken central, but every decision that can be taken at lower levels should be taken at those lower levels.
The level of policies and governance bodies needed is heavily dependent on the industry. E.g. financial services or healthcare services.
Policies give direction and guardrails (no rules!) and should not be too rigid.
Good governance = visible policies, visible metrics, visible decision-making. No hidden agendas.