Companies have a lot of best practices, standard operating procedures, unwritten rules, and policies that they wish for their employees to abide by in order to ensure a safe and efficient workplace for all.
Corporate policy management software provides the tools needed to create, deploy, share, and organize these policies in real time in an easy to find and follow way.
This guide will walk you through exactly what this software is, how it benefits corporations, what it is used for, as well as common risk management policies that most compliance managers will want in their policy portal as created by their corporate policy software.
Corporate policy management software allows organizations to create company policies and digitally share those policies with employees and any relevant parties within the organization.
Most corporate policy management software creates a centralized location or employee portal where policies can be accessed, reviewed, and attested to by the employees for which the policy applies.
For the policy administrator, this software can be used to create, collaborate, edit, modify, get approval for, both new and amended policies, and replaces old fashioned paper based policies with non-digital signatures.
Corporate policy management software has document creation built in standard for most systems. This means you can create new corporate policies using a WYSIWYG (what you see is what you get) editor, similar to what you would see in most email clients, Microsoft Word, or Google Docs. In other words, if you can write an email or type a word document, you can create new policies for your organization in your policy software. Better still, because all policies created with a corporate management software are available digitally, they can be shared with managers, other people on the compliance team, or executive level managers at the company, for expedited review and approval. In short, this enables policies to be created faster than the old paper based red-line method.
As alluded to above, sharing new or updated policies is made easy with company policy management software. Typically when a new policy is created or an existing policy is updated, it is now time to get buy-in from management, and once approved/implemented, to make sure that employees know the new policy is in place. Corporate policy management software functions as a centralized repository of all your company policies, and allows you to share new or updated policies with employees with the click of a button. The system can deliver notices to employees about new policies or policy changes via email, text, or in some cases via Slack or Microsoft teams. On top of this the system provides the employee with more information on the policy (via the policy portal) as well as tracks which employees have read and agreed to the new or changed policy.
Legally speaking, an employee violating a policy that they did not not know was in place is a bit of a grey area. However with proper corporate policy management systems in place, it is a situation that can be easily avoided. Through what is known as attestation policy administrators can easily keep track of which employees have read, signed, or otherwise acknowledged and accepted that they will adhere to policies put in place by the company. This allows for corporations to hold employees accountable for violations of these policies, and policy administrators or HR to quickly follow up with any employees who have not accepted the policy terms.
As we touched on above, employee attestation can be fully automated with your company policy management software. Not only does it allow relevant parties (managers, HR representatives, policy admins, etc.,) to see who has and has not accepted new policies or policy updates, but it can also schedule reminders to those who remain delinquent (unsigned), send these reminders by text, email, or chat, and let managers know when it is time to escalate the issue and/or speak with the employee. This can save a lot of follow up time for managers and policy admins, and can also take some of the frustration out of the scenario as well.
Whether your company is looking to achieve SOC 2, PCI, GDPR, or any other type of compliance that needs employees to follow certain policies and procedures, one major pitfall is if an organization cannot prove to regulators that employees have accepted accountability for adherence. You cannot get SOC 2 signoff for example if your employees have not agreed to a BYOD (bring your own device) policy and installed relevant software. With the right corporate policy software in place you can not only follow up with employees to increase acceptance, but can also automatically report acceptance rates back to any regulatory body.
As employees move up within an organization, they are often replaced by their subordinates who are getting promoted at the same time. Maybe an employee being promoted to manager for the first time will need to agree to corporate management policies, or someone being given a corporate credit card might need to accept the company credit card policy. Policy software can keep track of who needs to sign what based on role, job title, number of employees managed, or any other metrics that you define. This takes the guesswork out of what needs to be signed, by who, and when, and makes succession planning from a policy standpoint very simple.
Many corporate policies are subject to frequent changes, from corporate travel policies, to work from home policies, to hiring policies, and these changes need to be conveyed to all members of the organization quickly and easily. With policy software handling these frequent changes, it is very easy to unpublish old or outdated policies (to avoid confusion) and to bring new policies to the attention of affected parties. Policy management software also allows for policies that have not been updated in a substantial period of time to be flagged to administrators for review or deletion.
With less time spent creating policies, less time updating policies, and less time chasing down employees for attestation, having a policy management solution in place will save significant time for your organization. The time savings alone make corporate policy administration systems well worth the initial investment.
Gone are the days of the paper based employee handbook, or the binder full of policies and procedures for new hires. Not only does this mean information can be easily accessed in one place, but that all employees across offices, locations, and global regions can see shared policies that are applicable to them. This means greater consistency and compliance company-wide.
By putting in place policies for each and every one of your employees and having attestation to confirm that they agree to follow these policies, your company can reduce its legal risk in the event that an employee violates the terms of policies. Thus potentially protecting your company from legal ramifications. For example, a company is more likely to be held legally accountable for sexual harassment or unfair hiring practices as a result of an employee action if they do not have a policy in place, than they would be if there is a policy expressedly forbiding that behaviour and the employee violates it.
Corporate policy management software is used for keeping track of company policies and sharing relevant policies with all relevant employees or members of the organization. In short, it makes sure employees know their rights and responsibilities via an easy to access searchable database of in force company policies.
Typically a policy administrator is responsible for managing corporate policy software. However, it is extremely common for each department to work collaboratively on the corporate policies that are relevant to them, for example: The human resources (HR) team might develop time off or vacation policies and harassment policies; the accounting team might develop credit card, travel, and expense policies, and the information technology (IT) team might develop computer use and security policies.
Once you have a corporate policy management software, adding new policies is simple. Consider following the steps outlined below:
After observing the way that employees have been dealing with workplace issues, to monitoring changes in the economic environment, to addressing new laws, rules or regulations, try to observe instances where company policy could improve your workplace. Whether this involves clarifying return to work policies in the post pandemic era; to workplace safety compliance needs for new OHSA regulations; to frequent questions or complaints based on current policies; if something can be addressed by policy it likely should be.
At this point you should write down the key areas that the policy aims to address, as well as who it would apply to and how it will be enforced. Once you have the draft of the policy, share it with other members of the management team, especially those in the department it will impact the most (eg: accounting managers for new credit card policies), and try and identify any issues or loopholes that may arise.
Most companies do not function as a dictatorship, and getting buy-in from other departments is key to making sure policies are agreed upon and enforced. Once you have buy-in from needed parties, get approval for the policy from upper management.
You will want to check with your corporate lawyer or the inhouse legal team to make sure that the policy does not infringe on any of the rights of your employees. A good attorney will help you address any potential issues that need to be fixed before sharing the policy with your organization and its employees.
Publish the policy to your company portal (included with most policy software) and then share it with all relevant members of the organization. This should be done by email as well as through any other appropriate employee communication tools.
Your corporate policy management software will allow you to track any employees who have not accepted the new policy, so you can follow up and answer any questions they may have. If they still do not wish to comply with the new policy, you can escalate as needed.
As situations and workplace environments evolve, so too must your corporate policies. If a policy is no longer relevant or is out of date, it should be updated or removed from the policy portal, which can often be done with the click of a button.
Corporate giving policies cover the required procedures to follow when making donations of cash or products to charities, creating or sponsoring grants, matching gifts, volunteering, or other charitable actions. These are put in place to make sure that charities are valid and acceptable under the brand guidelines, with most corporations avoiding controversial causes.
Corporate travel policies outline the required or preferred means of travel for employees who are being compensated for work related travel. These policies could define accepted airlines, maximum cost of fares, seat selections, maximum hotel or lodging budget, per diems due to the employee, and more.
These policies are put in place to ensure that there are no perceptions of impropriety in the event of interoffice relationships or dating. Depending on the company, these relationships might be expressly forbidden, or might have to be reported to Human Resources, or to the team as a whole for transparency.
Corporate credit card policies are typically created by accounting departments to define who in the organization can be issued a card, what acceptable expenses include, how to file expense reports for corporate cards, as well as making clear the repercussions of improper use of a company card.
Corporate social responsibility policies define the manners in which a company will act to benefit society and not just shareholders. These policies aim to define support for environmental, ethical, philanthropic, or economic initiatives.
Corporate social media policies dictate how employees can post to social media both from company as well as personal accounts. The goal of which is to prevent employees from posting broadly offensive content that might damage the reputation or goodwill of the company.
Company cell phone policies seek to reduce distractions of employees by limiting their use of cell phones during work hours. These policies might require employees to only use cell phones during breaks, leave their phones on silent during work hours or more. If the company provides the cell phone, there also might be limits on usage and which applications can be used.
Corporate ethics policies have the goal of making clear what is and is not acceptable actions or behaviours in the workplace, as well as what to do in certain situations that might be seen as unethical. Ethics policies should strive to create trust and transparency in the organization.
Corporate weather policies define procedures your business will take in the event it has to shut down temporarily due to bad weather or natural disasters. This covers who does what in such instances, as well as what compensation will look like in the event workers are unable to make it to the office.
Strong password policies are defined by the organization and often enforced by the IT team. Typical policies define how often passwords have to be changed, what length and strength passwords must have, as well as restrictions on writing down or sharing passwords.
Whether goods, works, or services are being purchased by an organization, there have to be clear processes and procedures when companies or their employees make purchases. This policy clearly defines those procedures.
Corporate governance policy defines the rules on the direction and strategy in which a company should be managed. This focuses on the 4 Ps of corporate governance: people, process, performance, and purpose.
Corporate signature authority policies are used to designate specific individuals as able (or unable) to sign or approve contracts on behalf of the company. At some organizations this may be limited by title, for example only directors can sign contracts, or could be dependant on monetary value of contract, for example managers can sign contracts valued up to $5000, directors $50,000 and C-Suite for anything higher.
Whether corporate record retention policies are put in place to satisfy legal requirements of tax authorities, or just as part of a corporate preferences, these policies define how long, where, and penalties for deleting or destroying corporate records.
This policy seeks to clarify ownership of corporate emails and correspondence. In most organizations all corporate emails are the property of the company unless otherwise noted.
For a company that may need to test employees for drugs, alcohol, or other substances, this process needs to be made clear in a corporate policy prior to requesting the test from employees.
Corporate financial policies define how a company approaches both financial decisions as well as fiscal strategy and budgeting.
Corporate communication policies are put in place to ensure that all publicly facing communications issued by a company create a positive brand image. Certain terms, expressions, or opinions, as well as comments on them should be defined in this policy to avoid saying things that poorly represent the company beliefs or may alienate customers.
Company vehicle policies define the acceptable and unacceptable uses for company vehicles as well as policies in the event of accidents or vehicle damage.
For companies that require uniforms these policies define how a uniform can and cannot be worn as well as basic procedures for uniform upkeep and replacement (if needed).
Company security policies define the efforts that a company takes to protect both its physical and information technology assets.
A company equal opportunity policy is put in place to prevent discrimination of any form when it comes to hiring or promotion practices. These policies also typically outline any suspected instances of discrimination and the process by which complaints can be filed.
A workplace health and safety policy defines the steps and procedures that an organization takes in order to ensure a safe work environment for everyone of its employees. This includes both physical and well as emotional safety and freedom from risk or harassment.
An employee code of conduct policy outlines how the organization expects employees to conduct themselves both inside and outside of the workplace setting, as well as potential punishment for violations of expected conduct.
A clear desk policy is a type of security policy whereby an employee's desk and/or computer is cleaned of any private or secure information at the end of the work day. These policies seek to reduce risk by preventing items or information from being left out for others to see.
Attendance, vacation, and time-off policies define when employees are expected to work and what processes need to be followed in the event that they will not be in the office due to vacation, time-off, or other reasons.
In the event of employee misconduct or poor performance, the employee disciplinary action policy will define the steps the organization will take to rectify the situation and/or terminate the employee from their role.
Safe computer use policies instruct employees on how to use company computers, laptop, networks, and other connected devices, to prevent misuse and risk of data loss or network damage.
Whistleblowing policies are put in place at an organization to promote a culture whereby employees feel comfortable reporting wrongdoing or misconduct without putting their job in jeopardy through reprisals.
Customer quality policy defines the commitments that a corporation will make in order to deliver quality to their customers. Quality is usually defined in terms of customer service, meeting customer needs, product quality, listening to and applying feedback, as well as safety of the product or service, and safety of customer data.
A workplace violence policy clearly defines in writing behaviours and actions that will not be tolerated by the organization. These prohibited behaviours could include any forms of violence, threats of violence, or any hostile or aggressive displays that could result in or be perceived to result in injury.
Anti-harassment policies make clear that all employee interactions should be courteous, made with respect, non-threatening, and non-coercive in nature. They also clearly outline the process by which violations will be handled and the disciplinary measures taken.
Family leave and bereavement policy outlines the time off granted to employees In the event of illness or death of a family member. As this is usually a very delicate time for employees some companies allow for the flexibility that might be required, with the procedure functioning as more of a guideline.
A company acceptable use policy stipulates the various terms that a user must agree to in order to access a corporate network or the Internet over its WIFI or ethernet. These are put in place to restrict access to the network for unwanted purposes.
A BYOD policy defines how companies allow employees to use their own (not company provided) devices in order to access company information and networks. This can range from accessing emails, CRMs, corporate data, and more. As more and more companies move to storing data in cloud based applications, personal device access is becoming more necessary so that work can be done from anywhere safely and securely.
A corporate remote work policy stipulates how members of an organization can and should do work when not able to work from company offices. This could include hours of work to be online, having a distraction free environment, and attendance at mandatory meetings, while still achieving performance goals while out of office.
Employee performance policies define what is expected of employees in terms of performance, and more importantly what are the repercussions if those performance targets are not met.
Also known as a Drugs and Alcohol Policy or Substance Abuse Policy this define when (if ever) it is acceptable for an employee to consume drugs or alcohol while on the job as well as the ramifications for coming to work under the influence of drugs or alcohol. The goal of this policy is to eliminate drug or alcohol use or abuse in the workplace and create a drug free environment.
As part of working for a company, many employees gain access to trade secrets or other confidential information that might be damaging to the company if disclosed to competitors or the public. As such, a confidentiality policy is typically applied to any work contract with violations leading to terminations, lawsuits for damages, or both.
Typically baked into most employment contracts, a non-compete policy outlines when it is or is not acceptable for an employee to have dealings with competitors or customers, as well as how long after termination they must wait before working for the competition. This varies by region and job title and depends on the employment type.
This defines the measures that a company is willing to take in the event that it hires an employee with a disability or in the unfortunate event where an existing employee becomes disabled. Usually they focus on meeting the special needs of the employee so that they can do their job as expected.
Corporate credit policies define the level of credit that employees, vendors, or customers are required to have in order to do business with a company. For example, some companies might choose not to complete a sale to another business if their credit is too low, or might not purchase from a vendor if there is a chance of insolvency, or lastly hire an employee for a financial or accounting role if personal credit is too weak.
If you want your corporate policies to be as easy to create and update as creating an email or Word doc, you should look for a what you see is what you get editor built in. Simply put, it allows for bolding, italicizing, underling, font size changes, and many other common document creation features which will make your policy creation (and life) easier.
Policies once created need to be shared, both with management for approval and implementation and with employees for acceptance and attestation. Look for easy sharing functionality when considering a corporate policy manager.
Often when employees have the need to access policy information they are not in the office. Whether this is after a storm or natural disaster, or in the event of illness, sickness, or death of a loved one, they should be able to access their policy from anywhere on any device. This is why the employee policy portal that you consider should have cloud access for your employees.
Within your company, you will have certain policies that apply to everyone, and others that you might only want more senior employees to see. If this sounds like your use case, look for a policy management software that offers flexible user permissions based on department, job-level, or other filters.
Important: There are many other general policy management software features to consider that are typically found in any policy management software and not specific to corporate policy management software.
Creating corporate policies help to make sure that everyone in your organization knows how to act or behave in any given situation that they may come across as an employee at your organization. From simply knowing what to do when they need time off for personal reasons, to how to file an expense report, to how to address interoffice conflict, employees benefit from clarity of instructions and consistency of procedures should they need them.
Policies should be updated anytime they are no longer relevant, or new issues need to be added. Certain policies like corporate anti-harassment policies can stay relevant for years, however other policies (like credit card policies) might have to be adjusted every few months depending on the changes in your company.
In short, whenever you feel they are needed. The rule of thumb tends to be if any unwritten rules or norms are not being followed or respected, it is probably time to write them down and share them with your employees.
We recommend using a corporate policy management software to store all of your company policies in an easy to access employee portal or database. Some companies opt for paper based employee handbooks but these are more difficult to track, and hard to update.
So long as the company has included a statement that policies can be changed at any time without notice to employees they should be able to legally change any policy without ramifications. That said, it is also important that employees trust the policies that you have in place and if they change often, or to the employees detriment, you could actually harm your relationship with employees when changes occur. Therefore it is recommended that pending changes are discussed with employees before being made, and that concerns are adequately addressed when possible before the policy goes into effect.
So long as the policy is not contrary to the law in the jurisdiction in which it is being enforced, company policies are legally binding and employees are legally bound to follow them.
Every corporation has its own specific ways of doing things, as well as ways in which they expect employees to behave. As such, corporate policies explain how things are done at a specific company. This could be how to sign up for health benefits, how to request time off at the company, or how to file complaints against other employees. These policies also explain to management how to deal with employees who may be in violation of company policies and the procedure for doing so.
Not only do policies explain how employees must behave in order to comply with the expectations of the organization, but also how employees must behave in order to comply with the law. Certain policies that a company may adopt can be derived from government policies (like OHSA, or GDPR) which if not followed by the employee may leave them or the company open to legal consequences.
From restricting purchases to approved vendors, to policies on travel budgets and airlines, to using company cards with perks like cash back, or even reducing exposure to lawsuits and fines, company policies can save corporations a lot of money in costs over time.
From using policies to outline standard operating procedures (SOPS) to helping employees with common tasks like submitting contracts, work orders, or using software and hardware, policies help make operations run smoothly. With regards to safety and pre-shift or post-shift checklists policies and procedures they can even make your life and the lives of your employees safer.
When needs arise, policies can be put in place temporarily to deal with unexpected events or circumstances. For example, many of the work from home, social distancing, or hand washing policies put in place during the 2020 COVID pandemic were temporary measures to reduce impacts to operations and to keep workers safe.
We hope that this guide provides you with a more comprehensive understanding of corporate policy management software as well as the benefits of implementing this software at your organization.