Governance considerations

(OBJ 5.1)

Regulatory Considerations

• Organizations must comply with various regulations, depending on industry and location
• Regulations cover areas such as
  • Data Protection
  • Privacy
  • Environmental Standards
  • Labor Laws
• Example:
  • General Data Protection Regulation (GDPR): Implemented by the European Union, has significant impact on how organizations collect, store and use personal data of EU citizens.
• Non-compliance leads to penalties, fines, sanctions, and reputational damage

Legal Considerations

• Complement regulatory considerations, encompassing contract law, intellectual property, and corporate law
• Ensures operation within the bounds of the law, to avoid legal penalties and maintain their integrity and reputation
• Example:
  • Employment laws address minimum wage, overtime, health and safety, discrimination, and benefits
• Litigation risks include breach of contract, product liability, and employment disputes
  • Litigation: The process of resolving a dispute between two or more parties through the court system.
• Robust legal strategies and resources are needed to manage legal risks

Industry Considerations

• Refer to industry-specific standards, practices, and ethical guidelines prevalent in a particular industry
• Not legally binding but influence customer, partner, and regulator expectations
• Examaple:
  • In the Software Development industry, one of the most widely accepted standards is the use of Agile methodologies for project management and product development.
  • Agile methodologies, such as Scrum Kanban, emphasize flexibility, collaboration, customer satisfaction, and delivering functional software in short iterations or sprints.
    • Scrum is a framework with defined roles, events, and artifacts, focused on iterative development within time-boxed sprints. Kanban, on the other hand, emphasizes continuous workflow, visualization, and limiting work in progress. They can also be combined into a hybrid approach called Scrumban.
• Non-adoption may lead to competitive disadvantages and stakeholder criticism

Geographical Considerations

• Geographical regulations impact organizations at local, regional, national, and global levels

• Local considerations include city ordinances, zoning laws, and operational restrictions

  • Example: A city might have zoning laws that prevent the establishment of manufacturing facilities in residential areas.

• Regional considerations, like CCPA (Californian Consumer Privacy Act) in California, impose state-level regulations

  • Example: A regulation imposed by a state or province.

• National considerations, e.g., ADA (Americans with Disabilities Act) in the US, affect businesses across the entire country

  • Example: Ensure accessibility for costumers with disabilities nationwide. Businesses across the country must comply with.

• Global considerations, like GDPR, apply extraterritorially to organizations dealing with EU citizens' data

  • Even if a company is outside of the EU, if it collects or processes the data of EU citizens, it must comply with the GDPR.
  • It affects businesses globally, not just within the EU.

• Conflict of laws between jurisdictions is a significant challenge

  • Data Protection laws vary widely around the world
  • Requires a deep understanding of the legal landscape of each jurisdiction and a flexible approach to governance.

• Navigating these differences requires deep legal knowledge and flexibility in governance

• Organizations must comply with myriad of regulations, which can vary depending on the industry and location.