What we will and won’t do.
Policies are the rules by which an organisation operates. The ‘what we do’ and ‘what we don’t do’. They are important because they give people boundaries in which to do their jobs whilst meeting the organisation’s appetite for risk.
Avoiding the pitfalls of policies
Some common mistakes people make when drafting or using a policy include: introducing elements of process and procedure, making them too long, not including a scope (who the policy applies to), and not communicating/embedding the policy in what people do. It is also worth considering whether you have policies for those areas of your business most prone to exposing you to unacceptable risk.
Policies should be easily accessible, simply worded and no more than a page.
Try not to mix up the roles of strategy, policy, process and procedure. Your policy document is rules based. It does not need to explain why your people should do something – this is the role of strategy. A process outlines how groups of activities are related. Procedures explain how something is done step-by-step. This level of detail doesn’t need to be in your policies. For definitions and the differences between policy, process and procedure, see our Process Documentation and Reegineering page.
Communicate and embed
There is little point in having a policy that people don’t know about until they do the wrong thing! A good way to help ensure people follow policies is to communicate them at induction and embed them in your processes and procedures. If people follow your process and procedures, then they will follow your policies.
Boundary setting through policies has some obvious applications within most businesses: in financial transactions, occupational health and safety, customer service and information security, to name a few.
Need help with your policy development? Contact us today.
