Governance and Legal Risk Management

Published: August 19, 2013

Read Time: 3 minutes

Governance legal risk management

The terms governance, clinical governance and legal risk are much bandied about but hold different meanings for different people.

Some of the possible interpretations include:-

  • Minimising Liability – particularly steps to reduce liability and exposure.
  • Accountability – improving accountability and transparency within organisations, particularly decision making.
  • Risk management – dealing with legal risk, financial risk and business risk within an enterprise.
  • Compliance – meeting statutory, regulatory and other requirements.

In the usual context legal risk management relates to how boards can be satisfied that risks and liabilities within an enterprise are being addressed. Boards, with personal liability as directors of the company, want to be satisfied that any issues which may give rise to personal liability have been adequately addressed within the enterprise.

Moving towards better governance includes addressing such issues as organisational culture, staff knowledge and values, system design, resources and appropriate management models. There is a need to identify and comply with appropriate standards within the enterprise, depending on the nature of its activities. There should be a culture which recognises the opportunity cost to the organisation of doing it wrong, and the benefits to the organisation of getting it right.

Key governance issues for organisations, particularly in health and aged care, can involve an audit of current processes and structures including:-

  • Reviewing levels of delegation, to ensure that the appropriate people in the organisation only have sufficient authority to bind the organisation commensurate with their tasks and duties.
  • A system of accountability and reporting regimes – to ensure that urgent issues are raised through appropriate channels and that regular reporting proceeds up the line to the CEO, and ultimately the board.
  • Appropriate policies and procedures – the raft of issues which a modern enterprise must cover including OH&S, EO, privacy, care and safety, statutory compliance.
  • Education and training – it is not sufficient to merely have appropriate policies. Staff must be properly trained and educated.
  • Notice requirements, compliance checklist and sign off – a system by which management at various levels of the organisation “sign off” in relation to compliance within their area and notification of any breach or incident.
  • Complaint handling – a system to deal with instance which arise and complaints received.

For many organisations, a “legal risk audit” can help to identify those areas where systems may be lacking or inadequate. A legal risk audit would concentrate on those areas which can expose an organisation to the most liability. A review will also identify whether the organisation, as a whole, has appropriate systems and processes in place to deal with these key governance issues.
A compliance checklist can be developed for an enterprise which assists both identification of risk, identification of inadequacies within the organisation and provide assurance to management and the board that statutory and regulatory compliance has occurred.

Legal advisers can assist in the development of compliance manuals, carrying out “legal risk audits” and the development of appropriate checklists and reporting processes, in order to minimise exposure to legal risk, and enhance compliance with legal obligations.


Russell Kennedy

Michael provides advice in health, administrative and intellectual property law and in company, contract and commercial law. Michael holds Honorary Fellowships of the Royal Australasian College of Surgeons and the Australian and New Zealand College of Anaesthetists. Michael was made a Member of the Order of Australia in January 2004. He is currently a Board Member of the Victorian Equal Opportunity and Human Rights Commission, Melbourne Health (Royal Melbourne Hospital) and National Ageing Research Institute and a Committee Member of the Australian Health Professional Regulation Agency (Agency Management Committee). Michael was named Best Lawyers’ 2013 “Lawyer of the Year” for Health and Aged Care Law. He was also recognised for his expertise in this category in the 2011 and 2012 editions of Best Lawyers.

Found this article useful or informative?

Join 5,000+ not-for-profit & for-purpose directors receiving the latest insights on governance and leadership.

Receive a free e-book on improving your board decisions when you subscribe.

Unsubscribe anytime. We care about your privacy - read our Privacy Policy .