top of page
Search

When Governance Becomes a Barrier to Value

  • 2 days ago
  • 5 min read

Governance is meant to protect organisations. It exists to manage risk, provide oversight, and ensure decisions are made responsibly.


In theory, good governance enables better outcomes. In practice, however, governance can do the opposite. It can slow delivery. It can disconnect decision-makers from reality. And in the worst cases, it can become a barrier to the very value it was designed to safeguard.


This is not a call for less governance.

It’s a call for better governance.


How Good Intentions Go Wrong

Most governance models don’t start out broken. They are often introduced in response to real issues:

  • A major incident that caused disruption

  • A failed change that drew executive attention

  • Regulatory or audit findings that demanded action


Controls are added. Approval steps are introduced. Assurance mechanisms grow.

Individually, each decision makes sense. Collectively, they often create something far more dangerous: a system optimised for avoidance, not value.


The Warning Signs of Governance Overreach

When governance begins to work against outcomes, the signals are usually clear:


Decisions Move Further Away from the Work

Approval bodies become removed from operational context. Decisions are made by people who don’t experience the consequences, based on information that has already been sanitised.


Speed Is Treated as Recklessness

Delivery is viewed as a risk rather than an enabler. The safest option becomes doing nothing or delaying until the opportunity has passed.


One Size Fits All

Low-risk changes are treated with the same scrutiny as high-risk ones. Teams learn that effort, not judgement, is what gets work approved.


Workarounds Become Normalised

When governance is too heavy, people don’t challenge it, they bypass it. Shadow processes emerge, trust erodes, and risk actually increases. Ironically, governance designed to reduce risk often creates more of it.


Control Without Context Is Fragile

A common misconception is that stronger governance automatically leads to better control. It doesn’t. Control without context creates fragility. It assumes that risk can be fully predicted upfront and managed through static rules. In complex environments (particularly digital and service-based ones) this assumption simply doesn’t hold.


ITIL, along with other modern management frameworks, recognises this reality.


Effective governance is:

  • Proportionate to risk

  • Informed by real outcomes

  • Adaptable as conditions change


Anything else is theatre.


When Governance Becomes a Substitute for Trust

Heavy governance is often a symptom, not the root cause.

When organisations lack trust in their people, their data, or their leadership, governance expands to fill the gap. More approvals. More reporting. More sign-offs.


But governance cannot replace trust.

In fact, excessive controls usually signal that trust has already broken down. Teams feel constrained rather than supported. Leaders feel blind rather than informed. And no amount of process will fix that.


A Value-Focused View of Governance

Governance should answer one fundamental question:

“How does this help us achieve better outcomes?”


Not:

  • “Does this satisfy a checklist?”

  • “Have we always done it this way?”

  • “Will this protect us from blame?”


In a value-focused model:

  • Governance sets direction, not detailed instructions

  • Controls are designed around risk, not convenience

  • Feedback loops matter more than static compliance


This is governance as an enabler, not an obstacle.


Real world scenario: When Risk Governance Blocks Value

Consider a common scenario.


An organisation introduces a new risk control after a production outage. From that point on, all changes (regardless of size or impact) must go through a weekly risk review forum. The intent is sound: reduce the likelihood of another incident.


In practice, this is what happens:

  • Low-risk configuration changes wait days or weeks for approval

  • Engineers spend more time writing risk justifications than delivering fixes

  • Emergency changes increase because planned work can’t move fast enough


Ironically, the governance designed to reduce risk increases operational risk. Systems remain unstable for longer. Technical debt grows. Teams lose confidence in the process.


A value-focused, ITIL-aligned approach would look very different.


Instead of asking, “Has this been through the risk forum?”, leaders ask:

  • What is the actual risk of this change?

  • What is the impact if we delay it?

  • What level of control is proportionate?


Low-risk, repeatable changes follow a lightweight path. Higher-risk changes receive deeper scrutiny. Risk is actively managed, not passively delayed.


This is governance enabling value, not blocking it.


Governance Through the Lens of ITIL Guiding Principles

ITIL provides clear guidance for avoiding governance overreach, if we choose to use it.


Focus on Value

If a governance control does not clearly protect or enable value, it should be challenged. Risk mitigation that delays customer outcomes without reducing meaningful risk is not value-focused.


Start Where You Are

Governance should be designed using real data: incident trends, change outcomes, and service performance, not assumptions or past failures taken out of context.


Progress Iteratively with Feedback

Risk controls should evolve. If a governance step consistently slows delivery or is routinely bypassed, that feedback matters. Static controls in dynamic environments are a warning sign.


Think and Work Holistically

Risk does not exist in isolation. Governance decisions should consider operational impact, people behaviour, customer experience, and long-term sustainability, not just compliance.


Keep It Simple and Practical

Complex risk models and excessive approval layers do not equal better control. Simplicity improves clarity, speed, and accountability.


Optimise and Automate

Where risk can be reduced through automation, guardrails, and standardisation, governance should enable it, not force manual oversight where it adds little value.


A Simple Reflection for Leaders

Ask yourself:


“If we removed this governance step tomorrow, what risk would actually increase, and what value might be unlocked?”


If the risk is unclear but the cost is obvious, that control deserves scrutiny.

Governance that cannot justify its own existence is no longer governance. It’s inertia.


Executive Call‑Out: Governance That Enables Value


If governance is slowing outcomes, here’s where to look first:


Stop

  • Treating all risk as equal

  • Adding approval layers without removing old ones

  • Measuring success by compliance instead of outcomes


Start

  • Designing controls proportionate to risk and impact

  • Using real operational data to inform governance decisions

  • Empowering teams with clear guardrails rather than rigid rules


Rethink

  • Whether governance exists to manage risk, or manage discomfort

  • Who actually carries the consequences of governance decisions

  • How often governance models are reviewed, challenged, and evolved


Governance that cannot adapt will eventually be bypassed.


Final Thought

Strong governance doesn’t slow organisations down. Misaligned governance does.

When governance is rooted in fear, distance, or habit, it becomes a barrier to value. When it is grounded in purpose, context, and trust, it enables faster decisions, better outcomes, and healthier cultures.

The question isn’t whether you have governance. It’s whether your governance is helping you move forward, or quietly holding you back. Ask yourself one pointed question: If a governance decision went wrong tomorrow, who would be truly accountable, and how would value be affected?

 
 
 

Comments

bottom of page