Decision Integrity as a Governance Control System : Why boards must govern for signal quality — not just decision outcomes

Dr Alwin Tan, GAICD, MBBS, FRACS, EMBA (Melbourne Business School)

Senior Surgeon | Governance Leader | HealthTech Co-founder |
Harvard Medical School — AI in Healthcare |
Australian Institute of Company Directors — GAICD graduate |
University of Oxford — Sustainable Enterprise

By the Institute for Systems Integrity (ISI)

Executive summary

Across sectors — healthcare, financial services, energy, aged care — governance failures rarely arise from absence of rules.

They arise from distorted signals inside decision systems.

Boards are typically well-informed.
They receive:

• reports
• dashboards
• risk summaries
• assurances

Yet failure still occurs.

Because:

Information is not the same as truth.
And decisions are only as good as the signals they are built on.

At the Institute for Systems Integrity (ISI), we define this as a failure of decision integrity.

This paper reframes governance from:

• compliance with rules

to:

• control of information fidelity, escalation integrity, and decision process quality

1. The governance gap: compliance without integrity

Modern governance frameworks are robust.

• ASX Corporate Governance Council emphasises risk oversight and disclosure
• Australian Prudential Regulation Authority focuses on operational risk and accountability
• Australian Securities and Investments Commission highlights non-financial risk and information flows

Yet major failures persist.

Why?

Because these frameworks assume:

👉 information reaching the board is sufficiently accurate, complete, and unfiltered

In practice, it often is not.

2. Decision integrity: a system definition

ISI defines decision integrity as:

The degree to which a board’s decision reflects reality, given available information, uncertainty, and system constraints.

This depends on three system conditions:

1. Signal fidelity

• Are facts preserved or distorted?
• Is bad news degraded as it moves upward?

2. Escalation integrity

• Do concerns reach the board?
• Or are they filtered, delayed, or suppressed?

3. Processing integrity

• Does the board test assumptions, alternatives, and uncertainty?
• Or converge prematurely under pressure?

Failure in any one domain is sufficient to compromise the decision.

3. Where decision systems break

Across industries, failure patterns are consistent:

1. Suppressed escalation

• concerns raised but not progressed
• whistleblowers ignored or penalised

2. Filtered reporting

• language softened as information moves upward
• material risk reframed as “manageable”

3. Normalised deviation

• workarounds become standard practice
• exceptions become invisible

4. Incentive misalignment

• performance rewarded over compliance
• bad news carries personal risk

5. Psychological unsafety

• speaking up is career-limiting
• silence becomes rational

These are not failures of policy.

They are failures of system integrity.

4. Why boards cannot rely on “being informed”

Regulatory and governance literature consistently reinforces the importance of being informed.

Under the Corporations Act 2001 (s180), directors must exercise care and diligence.

However:

Being informed is a necessary condition.
It is not a sufficient one.

ASIC’s work on information flows highlights that boards may receive large volumes of information while still lacking:

• clarity
• materiality
• challenge

This creates a false sense of assurance.

5. The illusion of completeness

A recurring governance failure mode is high-quality presentation masking low-quality signal.

Characteristics include:

• clean dashboards
• consistent metrics
• reassuring narratives

But beneath this:

• near misses unreported
• complaints fragmented
• staff concerns unaggregated
• frontline deviation unmeasured

This creates:

The illusion of control in the absence of visibility

6. Decision integrity vs outcome bias

Boards are often judged retrospectively.

But governance must resist outcome bias.

A good decision can produce a bad outcome.
A bad decision can produce a good outcome.

The critical question is:

👉 Was the decision process defensible, informed, and appropriately challenged?

Courts and regulators consistently examine:

• what was known
• what should have been known
• what questions were asked
• what alternatives were considered

7. The Decision Integrity Loop™ (ISI Framework)

ISI proposes a governance control model:

Decision Integrity Loop™

1. Signal Capture

• source diversity (frontline, audit, complaints, data)
• protection of weak signals

2. Signal Preservation

• prevent filtering, softening, or delay
• maintain fidelity of adverse information

3. Signal Validation

• test for completeness, contradiction, bias
• triangulate sources

4. Decision Framing

• define real options (not false binaries)
• clarify uncertainty and assumptions

5. Decision Execution

• align timing with risk (not pressure)
• ensure accountability clarity

6. Feedback & Learning

• identify system causes (not just events)
• adjust controls, incentives, and culture

Failure at any stage breaks the loop.

8. Sector example: healthcare as a signal-sensitive system

Healthcare demonstrates decision integrity failure clearly.

Risks rarely present as immediate catastrophic events.

They emerge through:

• delayed escalation
• fragmented information
• normalised workarounds

Examples:

• deterioration missed due to documentation gaps
• medication risks hidden in discharge summaries
• staff concerns dismissed as “isolated issues”

In such systems:

Silence is not safety.
It is signal loss.

9. Implications for boards

Boards must shift from:

❌ “Are we compliant?”

to:

✅ “Can we trust the signals informing our decisions?”

This requires:

Structural changes

• independent information channels
• direct access to risk, audit, and frontline signals

Cultural changes

• psychological safety for escalation
• protection of dissent

Process changes

• explicit testing of uncertainty
• structured decision frameworks

Accountability changes

• ownership of information integrity
• not just decision outcomes

10. Governance as a control system

Governance should be understood as:

A control system that converts signals into decisions under uncertainty

If signals are distorted:

👉 decisions will be misaligned with reality

No amount of policy, compliance, or reporting volume can compensate for this.

Conclusion

Boards do not fail because they lack frameworks.

They fail because:

• signals are suppressed
• information is filtered
• uncertainty is ignored
• decisions are rushed
• learning is absent

Decision integrity is therefore not a behavioural aspiration.

It is a system requirement.

Final line

Compliance tells you what should happen.
Decision integrity determines what actually happens.

Harvard-style references

Australian Securities and Investments Commission (ASIC) 2020, Director and officer oversight of non-financial risk, ASIC, Sydney.

Australian Prudential Regulation Authority (APRA) 2018, Prudential Inquiry into the Commonwealth Bank of Australia Final Report, APRA, Sydney.

Australian Prudential Regulation Authority (APRA) 2024, CPG 230 Operational Risk Management, APRA, Sydney.

ASX Corporate Governance Council 2019, Corporate Governance Principles and Recommendations, 4th edn, ASX, Sydney.

Corporations Act 2001 (Cth), s 180.

Janis, I.L. 1972, Victims of Groupthink, Houghton Mifflin, Boston.

Jansen, P.A.M. 2021, ‘Board processes revisited’, Corporate Governance: The International Journal of Business in Society.

OECD 2023, G20/OECD Principles of Corporate Governance, OECD Publishing, Paris.