Leadership, governance, systems and risk

Find out about our senior leadership team, governance system and how we manage risk.


Our senior leadership team consists of the Secretary (Chief Executive), 10 deputy secretaries, and the Chief Advisor to the Secretary. They are responsible for MBIE’s organisational strategy, Te Ara Amiorangi, and the achievement of MBIE’s strategic outcomes, including the ongoing stewardship of MBIE, its people, systems and functions.

The senior leadership team champions our values, drives cultural change and ensures we focus our efforts and resources in the right areas at the right time. The team also works to establish systems and processes so MBIE can perform effectively. Over the past year, we have been working through strategic work programmes such as our Digital Blueprint and Empowered by Data Roadmap – focusing on cloud-based technology options, improved security architecture, quality data and analytics, and the modernisation of our services and systems.

Governance system

Our governance system, Mana Whakaruruhau, ensures proper oversight across our performance and delivery. Mana Whakaruruhau is also the system through which the organisational strategy, Te Ara Amiorangi, is advanced and monitored.

Managing risk

Managing risk is an important part of how we operate, and we integrate effective risk management into our culture, governance arrangements, business planning and decision-making processes. Managing risk is the responsibility of everyone at MBIE, and people are supported to do this by the Enterprise Risk and Compliance branch. An external risk and advisory committee provides independent, objective advice on the framework and insights on risks and how MBIE is responding to these. The Internal Assurance team at MBIE provides independent assurance to our Secretary and the Risk and Advisory Committee that our risks are being managed effectively.

A high-priority example of risk mitigation, continuing on from the past financial year, is our cyber security work. This work includes several initiatives that continually review and refine our capability to identify and protect against cyber security threats, detect and mitigate potential intrusions and/or other unauthorised actions.