Writing the Governance Section
If you have been dreading the Governance section, relax. This is the easiest section to write in the entire report. The data is well-sorted, most of it already exists in the company's annual report and corporate policies, and the topics are well-defined with less room for ambiguity than Environmental or Social sections.
That does not mean it is unimportant. Governance is the foundation that investors, regulators, and rating agencies look at to assess whether the company has the structures and oversight mechanisms to actually deliver on its environmental and social promises. A company with great emissions data but weak governance raises a red flag: who is making sure these numbers are real and these commitments are followed through?
Why Governance Data Is Easier
The reason this section is easier than the others is simple: governance information is already documented. The annual report contains board composition, meeting attendance, committee structures, and executive compensation. Corporate policies cover ethics, anti-corruption, whistleblower mechanisms, and risk management. Board charters and terms of reference are often publicly available.
Your job is not to create this information from scratch. Your job is to draw from what exists, organize it around the sustainability report's structure, and add a sustainability governance lens where needed.
Governance is the easiest section because the data already exists. The annual report, corporate policies, board charters, and company secretarial records contain nearly everything you need. Your task is to organize it for the sustainability report's audience and frame it through a sustainability governance lens - not to reinvent what is already well-documented.
The Core Governance Topics
Governance Structure. Start here. Many companies do not focus enough on presenting a clear governance structure, and it is the first thing that sets the tone for the entire section. Who is on the board? How is the board organized? What committees exist? How do they relate to each other? How does information flow from management to the board?
A governance structure diagram is incredibly valuable here. Even a simple chart showing the board, its committees (Audit, Risk, Nomination and Remuneration, CSR/Sustainability), and reporting lines gives the reader an immediate understanding of how oversight works.
Board Composition. Total number of directors, split by executive and non-executive, independent and non-independent, gender, and age. Meeting attendance records. Tenure of directors. This data is typically available from the company secretary's office and is already reported in the annual report.
Board Committees. List the key committees, their mandates, and how often they meet. Particularly important is whether there is a dedicated sustainability or ESG committee at the board level - this signals that sustainability is a board-level priority, not just an operational matter.
Ethics and Anti-Corruption. The company's code of conduct, anti-bribery and anti-corruption policies, how they are communicated to employees, and any training provided. Report any confirmed cases (or confirm zero cases) during the reporting period. If there is a compliance framework or a Chief Ethics Officer, mention it.
Risk Management. How does the company identify, assess, and manage risks - including sustainability-related risks? The risk management framework, who oversees it, and how it integrates ESG risks. Many companies have a separate risk section in the report, but the governance section should at least reference the oversight mechanism.
Executive Compensation. How is executive pay structured? Is any portion linked to sustainability or ESG performance? Increasingly, companies are tying a percentage of variable pay to ESG metrics - this is worth highlighting if it exists, as rating agencies view it positively.
Whistleblower Mechanisms. Does the company have a whistleblower hotline or reporting mechanism? How many reports were received? How were they resolved? Is the mechanism available to external stakeholders (suppliers, communities) or only internal employees?
Emerging Areas: Where Governance Is Expanding
The traditional governance topics above are well-established. But three emerging areas are becoming increasingly important and offer opportunities to make the Governance section more forward-looking and substantive.
Tax Governance - This is a fascinating and increasingly scrutinized area. How does the company manage its tax obligations? Is there a tax strategy approved by the board? Does the company have a policy on aggressive tax planning? GRI 207 (Tax) asks companies to report on their approach to tax, and investors are paying more attention to whether companies pay their "fair share" versus using aggressive structures to minimize tax in operating jurisdictions.
Writing this is not as hard as it sounds. Most companies have a tax policy or at least a statement on tax governance. Frame it as: "The company's approach to tax is governed by [policy/board-approved strategy]. The company does not engage in aggressive tax planning and ensures compliance with tax laws in all operating jurisdictions."
IT Governance and Data Governance. This is an area where a surprising amount of data is available if you ask the right department. How does the company manage cybersecurity? What is the data privacy framework? Are there any ISO 27001 certifications or SOC 2 compliance reports? How many data breach incidents occurred during the reporting period?
With digital transformation accelerating across industries, IT governance is no longer a niche topic - it is material for almost every company. Investors want to know that the company is protecting customer data, managing cyber risk, and investing in information security.
Think of IT governance in an ESG report like the locks on a building's doors. Nobody visits a building specifically to inspect the locks - but if you find out there are none, you immediately question whether anything inside is safe. IT governance serves the same function: its presence reassures stakeholders that the company is managing a critical risk, and its absence raises concerns.
Board Skill Sets and Competencies. This is increasingly asked for by standards like IFRS S1 and IFRS S2, which require disclosure on the competencies available to the board to oversee sustainability-related risks and opportunities. Do any board members have specific expertise in climate science, environmental management, human resources, or technology? Is there a skills matrix for the board?
Many companies already maintain a board skills matrix for corporate governance purposes. If one exists, adapt it for the sustainability report - highlight competencies relevant to ESG oversight. If one does not exist, this is a good recommendation to make to the client for future reporting cycles.
Three emerging governance areas worth including: tax governance (GRI 207, investor scrutiny on fair tax practices), IT and data governance (cybersecurity, data privacy, breach incidents), and board skill sets (IFRS asks whether the board has competencies to oversee sustainability risks). These areas differentiate a governance section that covers the basics from one that is genuinely comprehensive.
Drawing from the Annual Report Without Copy-Pasting
The annual report is your primary source for governance information. But the sustainability report is not a copy of the annual report - it needs its own identity and framing.
The key difference is the sustainability governance lens. The annual report describes the board structure in the context of financial oversight and business strategy. The sustainability report should describe the same structure in the context of how it oversees ESG performance. Same facts, different framing.
For example, the annual report might say: "The Risk Management Committee meets quarterly to review the company's risk register and mitigation plans." Your sustainability report version: "The Risk Management Committee, which meets quarterly, has integrated climate-related risks and social risks into the company's enterprise risk framework. During FY26, the committee reviewed [specific ESG risk topics]."
You are adding the sustainability dimension, not repeating what the annual report already says. A reader who has both documents should see them as complementary, not duplicative.
Structuring the Governance Section
A clean structure for the Governance section:
- Introduction - Why governance matters for sustainability. The board's role in overseeing ESG performance.
- Governance Structure - Board composition, independence, diversity. Structure diagram if possible.
- Board Committees - Key committees, mandates, meeting frequency. Highlight the sustainability/ESG committee if one exists.
- Ethics and Compliance - Code of conduct, anti-corruption, training and awareness.
- Risk Management - Framework, ESG risk integration, oversight.
- Executive Compensation - Structure, any ESG-linked components.
- Whistleblower and Grievance Mechanisms - Reporting channels, cases received, resolution.
- Emerging Topics - Tax governance, IT/data governance, board competencies.
Here is a way to think about why governance matters in the sustainability context: Environmental and Social sections tell stakeholders what the company is doing. The Governance section tells them why they should believe it. A company that reports a 20% emissions reduction is making a claim. A company that reports the same reduction AND shows that there is an independent board committee overseeing climate data, a risk framework that includes environmental risks, and executive compensation tied to emissions targets - that company's claim is far more credible. Governance is the trust layer of the report.
Common Mistakes
Too thin. Some companies treat Governance as a one-page afterthought - a paragraph on board composition and a sentence about the code of ethics. This signals to rating agencies that governance is not taken seriously.
Pure copy-paste from the annual report. Readers notice, especially analysts who read both documents. Add value by framing governance information through the sustainability lens.
Ignoring emerging topics. Sticking only to traditional governance topics (board, committees, ethics) when standards and investors are increasingly asking about tax, IT, and board competencies. These emerging areas are where you can add the most value and differentiate the report.
No forward-looking element. Governance sections that only describe what exists today miss the opportunity to show what the company is building toward - new committees, new policies, new board competencies planned for the next cycle. A short paragraph on governance improvements in progress adds momentum to the section.
The Governance section may be the easiest to write, but that does not mean it should be the least thoughtful. Done well, it gives the entire report credibility. Done poorly, it undermines everything else.
Key Takeaways
- 1Governance data is the easiest to gather because most of it already exists in annual reports, board charters, and corporate policies - your job is to reframe it through a sustainability lens
- 2Core topics include governance structure, board composition, committee mandates, ethics and anti-corruption, risk management, executive compensation, and whistleblower mechanisms
- 3Three emerging areas differentiate a strong governance section: tax governance (GRI 207), IT and data governance (cybersecurity, data privacy), and board skill sets and competencies (IFRS S1/S2)
- 4Do not copy-paste from the annual report - add the sustainability governance dimension so the two documents are complementary, not duplicative
- 5Include a forward-looking element showing governance improvements in progress, such as new committees, policies, or board competencies planned for the next cycle