Having good governance in the form of sound compliance procedures running throughout an organisation is essential. Well thought-out policies that are adhered to enable stability within the practices of your business. However, when policies are difficult to find, understand or implement, it can cause difficulties and potentially make your organisation vulnerable. Complexities can also arise from the management of a policy’s lifecycle; the administration alone can be an arduous and manual undertaking.
The level of resource needed to serve your organisation’s policy management can be a big factor. Some organisations have teams dedicated to managing these policies, whereas other companies may just have one person (or several systems in place!) in charge of policy management. A common issue many organisations face, no matter their size and resource, is the ability to enforce these
Luckily, we have a solution involving SharePoint for enforcing policies! (Read more about the solution here)
How are policies usually enforced?
This is something many organisations struggle with (and often come to us for advice on!) Generally, organisations rely on ‘self-service’ and for their employees to fully read and understand its Company Policies. However, there is little in the way of proving and verifying who has read the policies and when. Many organisations that approach us need this type of functionality within their CMS.
Which departments get involved in policy management?
This is a good question. Depending on the size of organisation you may have a compliance & risk unit set up to ensure enforcement. Typically, mid to large size organisations have their policies management via an HR function – but there are obvious policy areas where other departments are responsible. (e.g., the IT Dept managing the data and IT security policy, and the Finance Dept responsible for expenses policies)
The lifecycle of a policy is managed differently depending on many different factors. These include:
- Additions to the policy – meaning there may be various different versions published
- Who has access to the policy, and who’s allowed to make changes to its content
- Changes in the format of where and how the policy is published (e.g. going from a physical booklet to a Microsoft Word attachment in an email to then going to a link published through the company Intranet)
- How the policy is communicated to the organisation (again, is it via a Word Document, PDF, PowerPoint, Video, a physical document, or a dedicated link in an Intranet? Is the Intranet easily accessed by those who work remotely or in disparate offices?)
- The approval process of a policy. How many people in the organisation need to review the policy before it’s published? What’s the review process of the policy? Are alerts triggered to the right people telling them to update and redistribute it?
A SharePoint solution for enforcing policies
Out of the box, SharePoint has fantastic functionality when it comes to document management. Audit logs in SharePoint can provide some level of reporting on your stored Documents. This can
soon become bloated with irrelevant information that’s difficult to interpret. This is where we can help. We’ve devised a simple solution to record who has read what (and when they read it) within SharePoint online.
Business Agility’s Policy Tracking tool is a solution especially designed using the power of SharePoint. Our Policy Tracking tool makes it easy to track and view the status of policies in your organisation. Using the power of SharePoint, our Team can flexibly integrate the Policy Tracking tool to fit with your specific requirements allowing better governance. The tool doesn’t come with additional licence costs (unlike many third-party supplier tools!)
The Policy Tracking tool introduces a ‘Policy Read Log’ which displays information (to those who have and need access to it) showing the date and time a policy was last read. If needed, this can be exported into other Office 365 apps, or reported on using Power BI.