The concept of accountability Is based on the principle that every person or group is responsible for their actions, primarily when their acts affect the governance, risk management, compliance and IT security areas. Accountability further refers to the liability or responsibility for the actions of a particular function. Accountability must be embedded in the system’s design, implying that formal checks and balances are built into the system architecture (compliance by design). Promoting accountability is also crucial for corruption and fraud prevention

Implementing and embedding accountability requires GRC energy. Each function, role, interest groups, and involved party understand that those who govern, monitor and manage must follow the legitimate mandates and explain their actions. Additionally, they are confident they can do so securely and respond honestly when liability issues are not taken seriously.

Accountability promotes integrity, honesty and responsibility

Initially, the distinction must be made between horizontal accountability (checks and balances) and vertical accountability (accountability of various functions). Governance mechanisms or tools designed to promote accountability must also be embedded in the code of ethics or a code of conduct. Such codes are essential tools for promoting integrity, honesty and responsibility among individuals and functions to ensure honourable and proper performance of the corporate functions

It is a complex and challenging task to measure accountability if different jurisdictions do not adhere to standard governance principles across the global organisation. These issues can be solved by:

  1. existence and quality of procedures,
  2. clear job descriptions
  3. levels of capacity, educational, technical qualifications and professionalism
  4. regular assessments and direct observation.

Accountability can be measured by examining different aspects of GRC and IT security indicators for compliance.

  • Governance effectiveness and the quality of performance
  • Regulatory quality and adherence to policies and procedures
  • The rule of law: perceptions of crime, an effective judiciary, enforceable contracts
  • Corruption: control of corruption, measured through composite survey instruments

The ethics and integrity component in the code of conduct mentioned above is related to the assessment and capacity to control corruption and ensure that resources are available to avoid corrupt practices and hold the person or function accountable based on the following aspects: independence, administrative burden, and transparency.

The ranking is a subjective assessment and measuring  

Adequate data on monitoring governance issues provides and holistic approach to assessing integrity. However, monitoring and measure how the rule of law is felt and perceived by the organisation and stakeholders must ensure the reliability of any subjective assessments and possible sampling biases, due to different degrees of willingness on the part of survey respondents.

Each of the above measurements has limitations in assessing accountability, as every measurement of multiple GRC components is designed to detect only certain things and ignore others. Therefore, management ensures exactly which methodology can measure and how are the parameters developed and constructed.

Another reason for the difficulty in defining and measuring accountability in GRC is the theoretical, methodological, and empirical approach that defines and conceptualises the term “governance, risk, compliance and IT security differently in the department, divisions, and the organisation, The term GRC is now widely used, and the attempts to define and measure GRC are essential, despite the challenges. So start the journey to achieve the goals.