What is the purpose of a policy?
Organizations are responsible for creating and maintaining policies that serve one of the following purposes::
- Improve controls
- Reduce risk
- Increase efficiency and effectiveness
- Elaborate on new compliance regulations or rules
- Enhance understanding of what to do in a specific situation
- Delineate what is in Board of Trustees policy
If what an organization has in place does not serve any of those purposes, it may be considered an operating procedure or a guideline.
In order to distinguish whether or not a policy is necessary, the organization should review existing policies and create new ones when appropriate.
What do we do with existing policies?
Organizations may use existing policies if the following statements are true:
- The policy is one that the organization currently uses.
- The policy does not need revisions.
- The policy reflects current operations.
- The policy is in writing or published.
- The policy has been approved by the chain of command.
When do we need to create a new policy?
Organizations must create a new policy if any of the following statements are true:
- The proposed policy does not exist or an older, outdated policy is in use.
- There is a change or revision needed to a current policy.
- No policy is currently in use but one is needed.
- The policy is not in writing. (Oral tradition is no longer an effective means of passing on information.)
- The policy has not been approved by the chain-of-command.
Do we need to review policies once they are written?
Policies must be reviewed according to the Policy on Policy Management.
How can I get an answer to a question that is not listed here?
If you have any questions pertaining to policies, please them via the Policy Questions online form.