Governance

In this topic

What it is | Why it matters | Who it matters most for | What you can do

How to know if it's working | What the jargon means | How to learn more

What it is

Good intentions aren't enough: what you say and do needs to line up. Governance is a term to describe the structures and processes you use to make sure that happens.

It refers to both how you manage and integrate your sustainability efforts as a whole, including setting a strategy, tracking progress and staying accountable, and how you handle broader responsibilities like ethics, compliance, privacy and data protection.

It covers the rules, policies, relationships and structures that shape decisions and behaviour inside your business, and how people are held to account. For larger or more complex businesses, this might involve formal roles, forms to fill out, and board oversight. But small businesses can still put smart practices in place, like setting out strategies and plans, documenting procedures, and being aware of key risks.

Why it matters

Unethical and irresponsible business practices contribute to some of the world’s biggest challenges, from corruption and inequality to misuse of personal information and misleading advertising. These actions erode trust, harm vulnerable communities, and worsen social and environmental damage.

Where sustainability is concerned, businesses may set out excellent intentions for sustainability, but struggle to follow through on them. Without clear direction and knowing what they’re aiming to achieve, and without the processes and data to guide efforts, even well-meaning plans can stall or come across as greenwashing.Governance helps you manage both. It’s the backbone of how you stay on track, keep promises, and act with integrity.

As small businesses often work closely with customers, suppliers and communities, the impact of poor governance may be direct. If a small retailer doesn't protect customers' data or a local construction firm ignores conflict of interest risks, the effects can be immediate and personal.

Strong governance is good for business. It builds trust, reduces legal risk, improves your competitiveness and supports growth with confidence.

Sources: Singh & Pillai, 2022, IFC, 2018; Workday 2025, IAJMRR 2024

Who it matters most for

Governance becomes more important as your business grows, if you have complex risks to manage, or if you're looking to demonstrate your sustainability performance and credentials via documentation and certification.

If you handle sensitive customer data, offer financial, legal or professional advice, manage large contracts or operate in areas with safety or ethical concerns, you need clear oversight. Without it, the risks to people and the environment, reputation and compliance can add up fast.

Even small, lower-risk businesses can slip up. Setting out your values, keeping simple records, and being transparent builds trust and strengthens relationships.

"But I'm just a sole trader!"

You're right, a lot of this guide isn't relevant if you’re solo! But documenting your approach to sustainability, ethics and risk can still be useful, especially if you pursue tenders, loans, or certifications in the future. Also consider an external mentor to help review key decisions and uncover blind spots.

What you can do

Here are some practical and impactful ways you can address governance in your business.

Create a sustainability plan

Document your commitments and controls

Collect and manage ESG data

Strengthen your governance as you grow

Manage risks and responsibilities

Ensure ethical and responsible conduct

Report progress and seek recognition

Give back to people and planet

Create a sustainability plan

A sustainability plan or strategy sets a clear intention and a guiding light for what sustainability means to your business and how you're going to work toward it. It also shows you're serious when a customer, bank or potential hire asks what you're doing.

Even a simple statement outlining your vision and approach helps your team stay focused, guides decisions, and shows how sustainability supports your business goals. You don’t need to make it complicated: just name your key priorities and start moving.

Start by identifying between two and five of the environmental and social issues most relevant to your business, depending on your size and ambitions. Check out the guidance on prioritizing your efforts for help.

Then set some goals, identify specific actions and assign tasks. Even if you're a team of one, you can still write down what actions or goals you're committing to and revisit them quarterly. As you grow, you might see how your goals align to broader frameworks like the SDGs. The key is to keep it practical and achievable for your size.

Quick actions you can take:

• Take the quick sustainability quiz and identify between two and five topics to focus on for your business
• Identify some actions you commit to taking in each, and assign tasks and due dates
• Schedule a monthly or quarterly check-in with the people assigned those tasks to review progress and re-orient

Document your commitments and practices

Having straightforward policies, processes, controls, and basic records show you’re committed to taking action. They also help others to deliver on your goals, especially as your team grows.

So what are controls? They’re the simple steps you can take to avoid risks and get things right, like quality checks, security measures and safety checklists. Documenting them demonstrates you're translating your commitments into action and are important if you’re interested in pursuing certification for your business.

A simple sustainability policy, explaining why it's important to your business and what actions you’re taking, is a good place to start. You can also document processes like purchasing, onboarding, product design and sustainability claims, and keep simple records to monitor progress. You can learn more about documenting your sustainability policy and actions in the guidance on creating change.

For growing businesses, this can extend to documented roles, forms, registers, standard operating procedures and periodic internal checks. ISO 14001, which is the standard for environmental management systems (EMS), and other ISO management frameworks provide a great guide for what controls to consider.

Source: ISO 14001:2015

Quick actions you can take:

• Draft a 1-page sustainability policy.
• Write in an email how a key internal process will need to be updated to achieve your sustainability commitments.
• Save key documents (such as policies, checklists, decisions) in one folder

Collect and manage ESG data

Another key part of governance is being able to keep track of what's actually happening in your business, and whether you're going in the right direction. This includes ESG metrics like waste generation, health and safety incidents and carbon footprint (check out the guidance on taking action for specific metrics to consider based on the ESG topics you’ve selected).

First, choose just the measures that are most important for your business, maybe one or two per key sustainability topic you've selected. Set up a process for where the data for each metric comes from, how it will be collected and by whom, any calculations that are needed, and how the results will be reviewed for accuracy. This is especially handy for data that might only get reviewed annually, and a lot gets forgotten in a year!

Rather than collecting the various metrics separately, keep them in the same place, like a single workbook, so they can be easily reviewed and managed, even in a single dashboard. Some businesses make use of ESG software to help them collect, manage and automate the data especially if they need to be more rigorous for reporting and compliance, but spreadsheets and shared folders are a fine place to start.

Quick actions you can take:

• Identify one or two metrics to start tracking for each of the key sustainability topics you've identified
• Work out where that data comes from in the business, how it's calculated, where it will be stored, and who's responsible – and write it down
• Store data, procedures and calculations in a shared folder so it’s easy to find and review

Manage risks and responsibilities

Every business has risks. The goal isn’t to eliminate them, but to be prepared.

Sustainability isn’t just about doing the right thing; it's also about planning for real future changes to your operating environment.

This includes physical risks from climate change, like fires, floods, droughts and storms disrupting your operations or supply chain or even damaging your property. It also includes market risks like customers choosing to buy from your more sustainable competitor, not getting approved for a loan because your employment practices aren't compliant, or key ingredients being banned as potentially harmful.

It's also important to be aware of what risks your business might pose to the environment or people: the management of those is addressed in the guidance on taking action. You might also have compliance responsibilities, like data protection, site safety and waste disposal.

The next step is to discuss with your team how to respond, both now to reduce that risk and in the future if it does happen. Then write that down, outlining the risks and responses that you can refer back to later. For medium-size businesses, scenario planning or due diligence checks (on partners, suppliers or clients) can help you stay ahead of issues.

Sources: Zurich Insurance Group 2016

Quick actions you can take:

• Write down three business risks related to sustainability you think might be most relevant to you.
• Discuss these with key people in your business and write down what you'd do in the event of that risk occurring, and what you could do now to avoid or lessen its impact.
• Document your discussion to show your bank or insurance company you're on top of your risks.

Ensure ethical and responsible conduct

Trust is hard-earned and easily lost, and poor decisions can come with steep fines and costly lawsuits. Ensuring everyone in your team acts with integrity is vital to protecting what you’ve worked hard to build.

As examples, using customer data without proper consent, pushing unnecessary treatments in a health or beauty setting, or favouring friends in procurement decisions can all erode trust and bring legal consequences. Businesses working in areas like healthcare, construction, finance or government contracts often carry higher ethical risks and should take extra care. The wellbeing of vulnerable customers or community members should come first.

Be clear with your team on what’s acceptable and what’s not. If your team is growing, set up simple policies and registers for ethics, giving and accepting gifts and conflict of interest. Make sure your product labelling, marketing and claims are accurate. Train your people and make it easy to speak up when something feels off, or if they see an opportunity to do things a better way.

Source: Adobe, 2021

Quick actions you can take:

• Identify any risks of unethical practices relevant to your business activities.
• Write a short ethics or code of conduct statement for your team.
• Review how you collect, store and use customer data to ensure it's secure and used responsibly.

Report progress and seek recognition

Being transparent about your efforts builds trust. It shows customers and partners that you’re walking the talk and engages them in the process.

Reporting can be simple. Start by sharing updates on what you’re committing to and working on. This could be on your website, social media or email newsletters. Don’t be afraid to share the bumps as well as the wins. Authenticity goes a long way.

Further along, you might publish a simple annual sustainability update showing your progress on initiatives and any ESG metrics you’re collecting, as well as next steps. To learn more about documenting your sustainability policy and actions, check out the guidance on sharing your progress.

Some businesses also seek certification like B Corp, ISO 14001 or EcoVadis, or align with reporting frameworks such as the UN Global Compact, UN Sustainable Development Goals (SDGs), or the new VSME Standard in Europe. These provide your customers with validation that your business meets or aligns with a recognized standard for sustainability. Choose what suits your stage, and use the regular updates to review and drive continuous improvement.

Source: Consumer Goods Forum, 2023

Quick actions you can take:

• Add a sustainability update to your next team or customer email.
• Take photos of your team working on a sustainability initiative and share it on socials.
• Research one certification that's relevant to your industry or country (eg, B Corp globally, or Climate Active in Australia).

Give back to people and planet

Giving back shows you care about your customers and the world your business operates in. It strengthens your reputation, keeps you connected, and attracts future customers and employees.

You can give small donations, plant trees with your team, offer pro bono work, or partner with a charity to promote them to customers. Some businesses even commit to giving the profits of a specific product or a percent of their annual revenue or profit to charities such as 1% for the Planet.

Whatever you choose to support, try to find something that connects with your purpose as a business. Giving back works best when it’s an extension of the impact you want to make in the world, not just a random cause, but something your team and customers can connect with.

For more information specific to supporting your local community, see the how-to guide on community.

Source: Edelman Trust Barometer, 2022

Quick actions you can take:

• Identify causes and charities that align with your business's purpose and choose one to support this year
• Hold a fundraising event or promotion for charity or initiative you support
• Give your team time off to volunteer or become a mentor or coach

How to know if it's working

Governance can seem hard to measure, but there are ways. Start with implementation goals that track your progress against an action plan, then track the results you're seeing.

Some common examples include:

• Progress against actions: Whether actions you've committed to have been completed and an overall percentage of progress
• % of team completed ethics training: Keep records of employee training to ensure you cover everyone
• Team participation in volunteering or giving programs: For example, participation rate in a volunteer day or number of staff who mentor or coach
• Certification status: Whether you're undertaking or have earned a recognized certification such as B Corp or ISO 14001

Targets will look different depending on what's relevant to your business. Some common ones may be to publish an annual sustainability update, complete at least 80% of the actions planned for this financial year, or achieve certification by a certain date.