Understanding Governance versus Management of Technology
Lots of talk about ‘governance’ these days in various technology contexts, especially around AI. Lots of misunderstandings too.
GOVERNANCE
Tim Clements
7/31/20242 min read
Lots of talk about ‘governance’ these days in various technology contexts, especially around AI.
Lots of misunderstandings too.
And is it just me, but isn’t GRC coming back into vogue? About 10 years ago, Gartner said GRC was dead! Yet now I see many companies building up GRC functions and procuring GRC tools.
I have a strong background in GRC stemming from the WorldCom and Enron scandals and was first exposed to the concepts when integrating financial business processes and systems into an IBM acquired company 20 years ago, followed by managing a compliance project at Carlsberg Group addressing the so-called ‘EuroSox’ EU directives. And then more GRC-related projects and programmes followed and I've never looked back.
Back to the governance v management conundrum.
Many of us are familiar with the rapidly evolving landscape of technology, especially in fields such as AI and data protection so understanding the distinction between ‘governance’ and ‘management’ is critical for legal, AI, information, technology and data protection professionals (to name a few) to ensure effective oversight and operational success.
While both governance and management are leadership roles, they each have their own unique responsibilities and functions.
Governance: big picture stuff
Governance is all about the big picture and long-term goals. This is the job of the board of directors. They focus on making sure everything the company does aligns with its mission and long-term objectives. Here are some key points about governance:
Evaluating stakeholder needs
Making sure the needs, conditions, and options of stakeholders are well understood to set balanced and agreed-upon goalsSetting strategic direction
Deciding the direction of the company through prioritisation and decision-makingMonitoring performance and compliance
Keeping an eye on how things are going compared to the agreed goals to ensure everything is on track.
The Board constantly asks whether the organisation is working towards its mission, having a positive impact, and being sustainable financially and operationally. They also decide the company’s risk appetite, set up accountability frameworks, and establish policies and procedures.
Management: getting things done
Management is about day-to-day operations and putting the strategic direction into action. Managers are the go-betweens for the board and employees, translating high-level plans into actionable goals. Here’s what management does:
Communicating expectations
Making sure everyone knows the mission, strategy, and policiesManaging operations
Planning, building, running, and monitoring activities to meet the company’s goalsReporting results
Keeping the Board updated on progress and outcomes.
Key differences
Focus: governance is strategic, looking at long-term objectives and overall direction. Management is tactical, focusing on daily operations and implementation.
Responsibilities: governance sets the strategy and monitors compliance. Management plans and executes operations to meet those strategic goals.
Accountability: the board is accountable for ensuring the organisation sticks to its mission and long-term goals, while management is responsible for achieving these goals through effective operations.
Purpose and Means
Helping compliance leaders turn digital complexity into clear, actionable strategies
BaseD in Copenhagen, OPerating Globally
tc@purposeandmeans.io
+45 6113 6106
© 2025. All rights reserved.