A board pack should help directors govern the company, not merely admire growth charts.
CFO and CEO
Before every board meeting
Issue the pack before the meeting.
Approved monthly financials.
The pack should begin with decisions and exceptions. Directors need to know where performance diverged from plan, which risks require action and what management is asking the board to approve or challenge.
Financial information should reconcile to the monthly close. Revenue, gross margin, burn, runway, working capital and forecast should use stable definitions, with prior-period restatements explained.
Operational KPIs need business context. Customer growth without retention, bookings without collection, headcount without productivity or pipeline without conversion can create a misleading impression.
| Control | What it covers | Operating rule |
|---|---|---|
| Executive summary | Decisions, major changes and unresolved risks. | Limit it to matters requiring attention. |
| Financial review | Actual, budget, forecast and cash bridge. | Reconcile to closed books. |
| Operating metrics | Acquisition, retention, delivery and capacity. | Define every KPI consistently. |
| Governance section | Compliance, litigation, related parties and security. | Record actions and owners. |
Use appendices for detail, but keep material information in the main narrative. Directors should not have to discover a liquidity or compliance issue in a footnote.
Record the source and owner for every critical number. A board decision based on an unsupported metric can become a governance problem during audit, diligence or dispute.
Document the decision, owner, due date and evidence expected. A verbal explanation should be converted into a board note, approved working, contract amendment, portal acknowledgement or reconciliation before the item is treated as closed.
Rules, forms, thresholds and interpretations can change. The operating team should use the latest official source and the actual company facts instead of copying a control from another entity or prior year.
Ask four questions: Is the obligation or accounting treatment applicable? Has the underlying transaction been completely recorded? Does the evidence agree with the books and portal? Has an independent reviewer challenged the exception?
The review should distinguish a timing difference from an error, a judgement from a missing document, and a control failure from a one-time operational delay. Repeated small exceptions deserve root-cause action because they often become material during audit, fundraising, notice or distress.
The operating record should connect the control stages—executive summary, financial review, operating metrics, governance section—to the same transaction population. If the source list, accounting ledger, tax return, board record and management dashboard use different populations, the review can appear complete while exceptions remain outside the test.
Management should define an exception threshold, but the threshold must not hide repeated failures. A small error occurring every month can signal weak master data, unclear ownership or a broken interface. The reviewer should record root cause, immediate correction and preventive action separately.
Closure requires evidence. At minimum, the file should show who prepared the work, who reviewed it, which source documents were used, what differences remained and when the next follow-up is due. Screenshots without context or spreadsheets without source references are not a durable control record.
Conflicts and judgement should be visible before approval. A founder, director or business owner with a personal interest should disclose it and follow the appropriate review route rather than approve the transaction informally.
Diligence quality improves when records are maintained during ordinary operations. Reconstructed minutes, unsigned contracts and after-the-fact explanations may answer a question temporarily but weaken trust and can create separate legal risk.