Writing an Effective Corporate Policy

Before we start talking about how to develop an effective corporate policy, let’s first agree what a corporate policy is (let’s call it just policy for the sake of simplicity).

I’m sure if you look it up you will find many definitions for a policy, but they all somehow revolve around this meaning:

A policy is a document intended to give long-term and high-level directions and decrees regarding the topics they address.

And in order to achieve this, a policy must have certain traits which are:

· being high-level

· illustrating corporate intentions and directions related to the concerned topic

· governing the business activities to achieve objectives.

· defining the limits within which decisions must be made

The structure and content of the policy must be developed to serve these objectives; accordingly, a well written policy must contain the following sections:

1. Purpose

2. Scope

3. Policy Statement

4. Roles & Responsibilities

5. References

6. Glossary

7. Periodic Review & Change History

8. Document Approval

Other sections may be added based on the business needs and the specific topic of the policy being developed however none of these 8 sections should be omitted to ensure completeness, correctness, and effectiveness of the policy.

Each of the 8 sections is illustrated hereunder with tips and examples where possible.

1- Purpose:

The purpose section illustrates the reason for developing the policy.

Typically, the purpose of any policy is to give high-level direction that govern a certain topic or business area to achieve high-level objectives, as such the purpose section answers the questions:

1. why was this policy written?

2. what do we aim to achieve when applying the directives of this policy?

E.g.: Purpose of Quality Policy:

The purpose of this policy is to provide a high-level direction to develop, implement, and maintain a quality management system that enables ABC_XYZ company to:

· achieve customer satisfaction and delight by providing world-class services

· introduce, nurture, and enhance a culture of customer focus and organizational excellence

· build an excellent market reputation and become a partner-of-choice in the sector

2- Scope

The scope of a policy illustrates the boundaries within which the directives of the policy are applicable. There are several types of boundaries (as illustrated below), and all possible types must be considered when developing the scope statement, types of boundaries can be in:

· Business processes

· Organization units

· Products/services

· Geographical

Any exclusion (exceptions) from the stated scope shall be clearly mentioned in this section.

E.g.: Scope of Quality Policy:

The directives of this policy are applicable on:

· all services provided through the Service Delivery organization unit

· end-to-end process from lead generation to service provision and customer service, including all supporting processes

· all ABC_XYZ sites, offices, and clients inside and outside the republic of N/A

Exclusions:

· Services provided by outsourced companies

· Quality control processes on purchased items with warranty certificates

3- Policy Statement

The Policy Statement section is where the decrees of the policy are stated, and AGAIN it shall:

· be high-level

· illustrate corporate intentions and directions related to the concerned topic

· govern the business activities to achieve objectives.

· define the limits within which decisions must be made

Note:

Any detailed information (such as how to execute the directives of the policy) shall NOT be addressed in the policy document, instead, they shall be addressed by the relevant procedure.

E.g.: Quality Policy Statement:

· ABC_XYZ aims to provide world-class services to its clients in compliance with its obligations and in line with the requirements of the internationally recognized standards.

· As part of its strategic objectives to uplift the sector, ABC_XYZ employs innovative ideas, solutions and cutting-edge technologies that keep it ahead of its competitors.

· ABC_XYZ understands the fast dynamics of the sector and keeps abreast of the changes to internal and external business environments and adopts the best strategies to respond to risks and opportunities.

· etc.

4- Roles & Responsibilities

This section shall give a high-level illustration of the roles and responsibilities of the stakeholders of the policy including:

· Parties responsible for policy deployment/execution

· Parties responsible for using and adhering to the policy

This section should also identify (by position) the owner of the policy and the specific responsibilities inherited from being the policy owner.

These inherited responsibilities of the policy owner remain the same for all policies, only the position differs according to the topic of each policy.

The inherited responsibilities of the policy owner include:

· Deploying the policy

· Being the first line of defense to ensure the policy is adhered to by all concerned parties

· Regularly review the applicability of the policy for the intended purpose and scope

· Regularly review the compliance of the policy with concerned laws, regulations, and standards

Note:

Other functional responsibilities shall also be added to the policy owner based on the topic of the policy.

E.g.: Roles & Responsibilities in Quality Policy:

Quality Assurance Department:

· Develop ABC_XYZ Quality Management System (QMS) and ensure it is implemented and maintained in conformance to the requirements of the applied standards.

· Promote the quality culture within the organization through effective communication, awareness and training using appropriate channels, as well as resolving related issues

· etc.

5- References

This section states

· the laws, regulations, and standards upon which the policy is based

· other documents that were referred to in the policy statement e.g.: a relevant procedure, Service Level Agreement (SLA), Delegation of Authority (DoA), etc.

6- Glossary

This section illustrates any uncommon terminology that is used in the policy, e.g.: expansion of an abbreviation, a definition of technical term, etc.

7- Periodic Review & Change History

Any policy must be reviewed on regular basis to ensure its applicability to the most recent directions and scope and compliance to the most recent laws, regulations, and standards.

As a policy is intended to be a long-term and high-level document, it is suggested that a company should review its policies every 3 years.

As such this section shall mention the date (month and year) of next planned policy review.

Notes:

· Although the periodic review of a policy should occur every 3 years, however, a policy may be reviewed before that time in case there is a business need to do so.

· A business need might be a new law/regulation affecting the compliance of the policy, new business scope, new strategic directions, etc.

In order to track the history of the policy, this section should contain a table that illustrates:

· Issue Number

· Issue date

· Change Description

· Reason for Change

8- Document Approval

Policies must be developed, reviewed, and approved by the right parties to ensure their completeness, correctness, and effectiveness when implemented.

Accordingly, this section must contain a table to illustrate the processes/stages needed to issue the policy with the roles involved in each process.

Tip:

To ensure effective execution of the policy, any party that has a role in executing the policy must be part of the reviewing parties.

Writing a corporate policy is easy yet tricky, sticking to the notes in this article will make it only easy.