The principle of the trustees being in control of their organisation is essential to good governance, and is one of the five main principles of the Scottish Governance Code for the Third Sector. As with all of the Code principles, how a board might demonstrate and implement the principle of control will differ across the third sector. The controls needed for a large national organisation with an income of several million pounds will not be the same as those of a small after school club. But the principle will remain the same, that the board should put in place appropriate structures, controls and processes to make sure their organisation is run in line with its purposes and values, governing document, and relevant legal and regulatory requirements.

So knowing your legal responsibilities as a trustee is vital. Legal and regulatory breaches can have expensive consequences, and as a trustee the buck really does stop with you. Keep up to date and take expert advice where you need it.

You also need to have a handle on the finances. All trustees are collectively responsible for the effective financial management of their organisation, it’s not just down to the treasurer. Strong financial governance is vital in an effective organization, and it also helps reassure stakeholders and funders, and the general public, that your organisation is well run. Even if you have staff to delegate to, trustees still retain ultimate responsibility. So the board have to maintain and regularly review appropriate financial controls and reporting arrangements to ensure it can direct and oversee progress and performance.

Trustees must also identify and assess both risks and opportunities for their organisation, and decide how best to deal with them. Managing risk is one of the key duties of a trustee, and is essential to good governance. But this is about more than having a checklist of the worst-case scenarios you might face. It’s about clearly understanding the level of potential risk that is acceptable to enable your organisation to achieve its what it was set up to do. Potential risks are not just financial, regulatory and operational. Also consider external risks that could impact your organisation’s future, factoring in political, environmental, economic, social and technological change.

The board are there to safeguard the assets and reputation of the organisation, and its beneficiaries. It must have strong controls in place to do this. There’s a lot to consider, because good governance is a subtle, ongoing and potentially difficult process. But who ever told you it would be easy?