Do you need a policy on policies?
Written documentation is essential for effective and consistent communication within organisations, and the provision of clear, written policies and procedures that reflect current practice and community expectations assists in accountability. Further, written policies and procedures provide tangible evidence of intended practices that are consistent with the organisation’s values, and should be regularly reviewed, evaluated and updated.
However, having reviewed a great many policy documents, my colleagues and I have found this to be far from the case in many organisations. For example, there may be no standard templates for policy documents (i.e. policies, procedures, guidelines, etc.) and the documents will have no review dates or are overdue for review. If this is the case, a ‘policy framework policy’ or ‘policy on policies’ can help. Even in organisations where there is a central repository of up-to-date policy documents (e.g. intranet or policy manual), a policy framework policy can guide the development of policies and procedures to ensure those documents are consistent and user friendly.
Key elements of a policy framework
The key elements of the policy framework to establish in your policy on policies are:
- Policy hierarchy – sets out the documentation that defines and governs the organisation’s activities, listed in order of precedence.
- Policy and procedure development process – sets out the requirements for creating policies, procedures, etc., including process maps and document templates.
- Roles and responsibilities – information about who is involved in the process of developing policies and what they do as well as who has the authority to approve policies and procedures for publication and distribution.
Any policy framework within an organisation will have a series of associated levels, each of which will have different objectives. Figure 1 illustrates the components of a policy framework, which itself is guided and regulated by the overall statutory framework within which the organisation operates. For example, an APRA-regulated financial institution will have different policy needs to those of an ACNC-regulated charity.
Figure 1: Policy hierarchy
Some organisations will differentiate between policies and procedures. Procedures generally reflect governance or operational standards, provide a specific guide to decision making, and explain how policies are put into effect. But sometimes ‘policy’ and ‘procedures’ are linked in a document, which will be described as a ‘policy’. For example, there may be the expectation that some policies, such as those related to conflicts of interest, will include the relevant procedures to deal with a conflict or potential conflict when it arises.
There will generally be two categories of policies in an organisation:
- Governance – policy with board level risk or strategic implications or with board level statutory or regulatory requirements (e.g. ASX, APRA), and relates to the processes of decision making and the controls and behaviours that support effective accountability and performance outcomes (e.g. risk management policy, code of conduct);
- Operational – policy other than governance policy. These may be:
- An organisation-wide operational policy, which refers to practices across a range of activities (e.g. travel policy); or
- A specific operational policy, which refers to matters in respect of a specific activity and relevant to all staff (e.g. human resource policy).
Templates should be developed for each type of policy document the organisation uses to ensure they are presented consistently. Information should also be provided about how to use each template.
Policy and procedure development process
An important topic to include in any policy framework policy relates to the triggers for a new policy and/or procedure. For example, these may include changes to the external operating environment, a review of the strategic direction of the organisation, or changes to government policy or legislation.
The development and revision of policy documents will generally comprise a process similar to the one set out in the table below. This process should be fully explained in the procedure section of the policy or a separate procedure document depending on your organisation’s preference.
- Needs analysis: Identification of need for the development of a new policy or procedure or review of an existing policy or procedure
- Appointment of a policy author and policy approver
- Research and data gathering
- Draft document
- Circulation of draft document
- Consultation with stakeholders
- Circulation of redrafted document
- Policy approval
- Communication and implementation
- Maintenance and review
The importance of terminology
I would advise setting up a glossary or vocabulary of definitions to ensure consistency of terms in your policy documents. Policy documents with multiple definitions for a single term, obscure acronyms or technical/professional jargon can cause a great deal of confusion to users, who may inadvertently breach a policy through a lack of understanding about what was meant. It is also a major reason so many employees find it difficult to read policy and procedures. Write your policy documents in plain English, and avoided jargon, acronyms and abbreviations wherever possible. If you must use jargon, make sure the term is clearly defined the way the organisation wants it interpreted so there can be no misunderstanding on the part of those looking for guidance in the document.
Roles and responsibilities
Setting out the roles and responsibilities are essential to an effective policy framework. This includes:
- the need for clear authority for the formulation of policy documents (i.e., delegations of authority);
- guidance concerning the responsibilities of policy owners and how policy is formulated, approved and disseminated;
- the selection of a policy system manager for the management of organisational policy documents and for setting standards as to the development, content and review of those documents.
A policy document must be approved by the highest delegated authority. For example, the board (for all new or any major amendments to existing governance policy documents or to firm-wide operational policies which have significant risk, compliance or cost implications) or the CEO or a delegated authority (for new or major amendments to existing operational policy documents which do not require board approval).
Why have a policy on policies?
Policy is important to the efficient and effective operation of the organisation. It is a tool enabling:
- Individuals to get on with their jobs without the need to discuss issues each time they arise;
- Participants from different parts of the organisation to work towards a common goal;
- Consistency and predictability throughout the organisation;
- Compliance with legal and other requirements; and
- Quality assurance and improvement.
Therefore, the rationale for a policy framework policy is to ensure that organisational policies are established, applied, monitored and reviewed consistently and appropriately across the organisation. Such a framework will make all organisational policies subject to a formal approval process and ensure all policy documents are stored in a centrally maintained document management system. It will be of long-term application to the organisation as a whole and will:
- Help ensure that the organisation complies with relevant legislation, industry and other standards, and community expectations;
- Assist the organisation to attain its mission and strategic goals;
- Promote operational efficiency; and
- Reduce risks.
 For more on policy frameworks, see G. Kiel, G. Nicholson, J.A. Tunny & J. Beck, 2012, Directors at Work: A Practical Guide for Boards, Thomson Reuters, Sydney, pp. 375-392.