Policy Management

Last updated on 

Getting Started with Policy Management

What is Policy Management?

Policy Management is the process of creating, organizing, approving, and maintaining organizational documents such as policies, procedures, agreements, and plans. The system helps ensure that all documents are properly governed, up-to-date, and accessible to the right stakeholders.

With Policy Management, you can:

  • Create documents – Generate AI, manual authoring, or upload existing files
  • Standardize documentation – Ensure consistency across policies and procedures
  • Manage approvals – Control review and approval workflows
  • Control access – Define who can view or edit documents
  • Track changes – Maintain version history and updates
  • Ensure compliance – Distribute and track acknowledgements

Policy types

Each document is categorized based on its purpose:

  • Policy – High-level rules and principles
  • Procedure – Step-by-step instructions
  • Agreement – Formal commitments between parties
  • Plan – Structured approach to achieve objectives

Document creation

Policies can be created in multiple ways:

  • Generate AI – Automatically generate content using AI assistance
  • Manual – Create documents from scratch
  • Upload Document – Import existing files into the system

Document confidentiality

Each document is assigned a confidentiality level to control visibility:

  • Restricted – Highly sensitive, limited access
  • Confidential – Sensitive internal information
  • Internal Use – General internal documents
  • Public – Accessible to external parties

Access control

Access defines who is responsible for and can manage the document:

  • Owner – Accountable for the document
  • Author – Responsible for creating and editing content

Document status

The status indicates the current stage of the document lifecycle:

  • Draft – Document is being created or edited
  • Pending – Awaiting review or approval
  • Approved – Officially validated and active
  • Rejected – Not approved and requires revision

Change management

Changes to documents are categorized to track their impact:

  • Minor – Small updates with minimal impact (e.g., wording changes)
  • Major – Significant updates affecting content or meaning

Acknowledgement

Acknowledgement ensures that relevant stakeholders have read and understood the document:

  • All – Required for all employees
  • Selected Division – Specific departments or teams
  • Selected Employee – Individual users

What you see in the overview

The policy overview displays key information for each document:

  • Title and type – Name and category of the document
  • Status – Current approval stage
  • Confidentiality level – Access classification
  • Owner and author – Responsible individuals
  • Creation method – AI, manual, or uploaded
  • Last updated – Latest revision timestamp

Tip

Link policies to risks, controls, and compliance requirements to create a structured governance framework. This helps ensure that policies are not only documented but also actively enforced and aligned with organizational objectives.

Managing Policies

The Policy Management module offers tools to manage policies, track assignments, and process external requests. It ensures effective distribution, transparency, and controlled access to policy information.

Policy List

This submenu lists all organizational policies.

  1. Open the Policies module.
  2. Select the Policy List submenu.
  3. Review existing policies and their statuses.
  4. Select a policy to view details as needed.

Creating a Policy

This guide outlines the steps to create a new internal policy.

  1. Open the Policies module.
  2. Click 'Create New Policy.'
  3. Enter the policy title and a brief description.
  4. Add the policy content or upload the relevant document.
  5. Save the policy as a draft.

Editing a Policy

This guide outlines the steps to update an existing policy.

  1. Access the Policy List section.
  2. Select the policy you wish to update.
  3. Choose the edit option.
  4. Make the necessary updates to the policy content or metadata.
  5. Save your changes.

Policy Assignment

Use this feature to assign policies to users or teams.

  1. Open the Policies module.
  2. Select a policy from the list.
  3. Select the user or group for policy assignment.
  4. Confirm the assignment.
  5. Review the assignment status.

Policy Approval

This feature facilitates policy approval prior to publication or enforcement.

  1. Access the Policies module.
  2. Review policies pending approval.
  3. Select a policy to review its details.
  4. Approve or reject the policy as appropriate.
  5. Confirm your selection to update the policy status.

Policy Acknowledgement

This feature records user acknowledgement of assigned policies.

  1. Open the Policies module.
  2. Select a policy from the list.
  3. Review the user's acknowledgement status.
  4. Identify users who have not acknowledged the policy for follow-up as needed.

Policy Version Management

This case outlines the process for maintaining policy versions. Effective version management ensures traceability of all policy updates.

  1. Access the policy detail page.
  2. Review the version history.
  3. Create a new version when updates are necessary.
  4. Save the updated version to complete the process.

Using Policy Management for Internal Governance

The Policy Management module supports structured internal governance by ensuring that policies are consistently documented, approved, distributed, and acknowledged.

Note: This module is intended for internal policy management and does not include external policy sharing or request handling.

Request Policies

The Request Policies feature manages external policy access requests submitted through the Trust Page. It promotes transparency while ensuring controlled disclosure. All requests undergo internal review before access is granted.

Submitting a Policy Request from the Trust Page

This case describes how an external user submits a policy request.

  1. Open the Trust Page using the public access link.
  2. Click Request Access button.
  3. Select the policy request option.
  4. Enter the required requester information.
  5. Submit the policy request.
Please note that access to the policy will only be granted after the request has been reviewed and approved.

Viewing Incoming Policy Requests

This guide outlines the process for internal users to review incoming policy requests.

  1. Open the Policy Management module.
  2. Select the Request Policies submenu.
  3. Review the list of incoming requests.
  4. Select a request to view detailed information.

Reviewing Policy Request Details

This case outlines the process for reviewing a specific request.

  1. Select a policy request from the request list.
  2. Review the requester information and the requested policy.
  3. Evaluate the request based on internal sharing guidelines.
  4. Determine if the request meets the criteria for approval.

Approving a Policy Request

This guide outlines the steps to approve a policy request.

  1. Open the Request Policies submenu.
  2. Select the approve option.
  3. Confirm the approval action.
  4. Grant access to the approved policy as specified.
Note: Approved requests provide access only to the specific policy requested.

Rejecting a Policy Request

This guide outlines the steps to reject a policy request.

  1. Open the Request Policies submenu.
  2. Select the Reject option.
  3. Confirm the rejection.
  4. Close the request to complete the process.

Tracking Policy Request Status

This guide outlines how to monitor policy request statuses.

  1. Open the Request Policies submenu.
  2. Review request statuses, including pending, approved, or rejected.
  3. Use status information for follow-up or reporting.

Using Request Policies for Transparency and Control

Request Policies enable controlled sharing while ensuring security and compliance.

Please review requests from the Trust Page to confirm they align with organizational disclosure policies.