Good policies are essential for every business - how effective are yours?

Ashdin Dubash
insight featured image
Almost everything happening within your business - from decision making and employee behaviour, to ensuring consistency and compliance throughout your organisation – should be guided by clear and effective policies.

How good policies can benefit your business

Good polices comprise formal statements that outline an organisation's intent, principles, objectives, and rules to guide its actions, decisions, processes, and behaviours. They provide a strategic direction for your organisation, foster transparency, help manage risk, and ensure accountability and compliance.

Not having well-crafted policies could lead to severe consequences and potential liabilities. Negligence in policy implementation may result in penalties, fines, or in extreme cases, imprisonment. Policies help minimise these risks, protect board members, management, and employees.

Strong policies could make your organisation less likely to undergo exhaustive government audits that could save the organisation from undue disruption and valuable resource time.

If you’re planning to sell your business, robust policies may even help increase your organisation’s value. They show potential buyers the rules you have in place to mitigate risk, ensure compliance, enhance efficiency, and foster a positive reputation.

Policies help demonstrate your company’s compliance and protect its reputation – and yours. They can help boost employee morale, prevent financial losses, and help you win tenders, making them an essential element of any well-run business. 

How to build and implement highly effective policies

Tailor policies to your organisation

Policies are not only for large businesses – even small and mis-size companies need to have policies in place. The policies your business needs should be specific to your organisation, industry, and risks. For example, all organisations should typically have a policy around employee leave, however a ‘fall protection policy’ would be specific to companies in the construction sector.

We typically find organisations have a suite of core policies. These vary between businesses, but this list will usually include policies that cover the following areas:

  • HR: Leave, recruitment, disciplinary expectations, inappropriate behaviour, health, safety and wellbeing, and conflicts of interest.
  • IT: Cybersecurity, vendor and third-party access, internet/email/mobile use, privacy, and remote access.
  • Finance: Procurement, fraud, sensitive expenditure, risk management, anti-money laundering (AML), asset management, delegations, debt management, contract management.
  • External communication: Social media and external media/public relations
  • Environmental: Sustainability, staff travel, CSR, sustainable procurement
  • Resilience management: Business continuity, disaster recovery, crisis management.

Unfortunately, we’re most often called in to review or create policies after something has gone wrong – when someone has reached for a policy only to find that it’s not there, or it’s so outdated it’s almost useless. A 10-year-old health & safety policy for instance, will be quite unhelpful given all the regulatory changes that have taken place in this area over the last decade. 

Keep it clear and succinct

A good policy helps anyone quickly find the information they’re looking for, and uses simple language and concise information. Good policy contains:

  • an introduction about the policy and its purpose
  • its scope and principles
  • definitions to set out the key concepts
  • roles and responsibilities
  • a related legislation, policies, and procedures section to point readers to any related documents. 

The pitfalls of procedure in policy

Often, policy can veer into procedure; the difference is an important one. Policies offer guidance about the rules or expectations for certain areas of the business, whereas procedures provide specific instructions about how to implement a policy.

Including detailed processes in policies can confuse readers and make documents unnecessarily complex. Keeping policies and procedures separate allows for adaptability, faster updates, and clearer responsibilities.

If your policies already contain procedures, you should separate these out and move them into a separate document, and include cross references in each to show the connection between the documents. 

You’ve developed policies, now what?

Once policies are approved, the key is to ensure they don’t gather dust because people are unaware of them. Your policies should be communicated widely across your business, so everyone knows they’re available and where they can be found, and it’s essential to:

  • train employees about policies and procedures to ensure they’re complied with
  • establish monitory mechanisms to track policy adherence
  • regularly review and update your policies to keep them relevant and aligned with your organisation’s needs.

Once you have excellent policies in place, you’ll find their impact is significant. They can help mitigate risk, boost compliance, improve efficiency, build a positive reputation, foster employee satisfaction and protect your IP. 

There’s no time like the present to craft perfect policies for your organisation, to help it survive and thrive, no matter what challenges come your way.