Policy and Procedure Intelligence.
Let our AI engine help you build your policy and procedures guide, so you can be up and running in minutes.
Policies & Procedures
The FrameWork platform is hierarchical, letting the user have sections and subsections. This lets you structure your organization's knowledge base in a way that easily grows without becoming unmanageable. In order to keep the policies easily manageable, we recommend exploiting this feature to organize your policies, and limit any one level to have less than 50 articles for easy navigation.
The workflow features in our platform are second to none.
- Set approvers to sections or pages so that any changes must be approved by them before being applied.
- Send and assign page requests to staff and be notified once that page is written and approved. Or send a page to your staff to read, acknowledge and sign.
You can also easily add checklists to policies and procedure articles, which will be private to that user.
Checklist items can be assigned to different users, and can also feature custom forms to collect information. This lets you quickly add workflow to automate and bring your standard-operating-procedures to life.
Structuring Policies
Before we delve into managing your policies, it's worth noting how policies and procedures should be structured and formatted when they are entered into your site.
Whereas you may have seen policy documents that are tens of pages long, in our platform we split up the different sections of a policy into sub-articles.
The policy can be navigated using the navigation list on the left side, while viewing the section content in the article body on the right hand side. Each article is a separate page, with its own URL and history, in the system.
This is important not just to make the system easy to navigate, but as articles are being edited by a user they are locked for editing so other users cannot edit them. In order to allow multiple people to edit the Policy and Procedures guide at once, you want to make sure that only a small section of the guide is locked for editing at a time.
Because of this, articles should usually be relatively short. If the article is getting too long, please consider creating sub-articles under that article. There is no practical limit to how many sub-articles deep you can go
Policy Attestation / Acknowledgement
When you add a new policy or set of procedures, you may want do more than just send links of articles to staff. You may need certain staff to acknowledge that they have read the policy, understand it, and accept it. Additionally, you can require staff to watch videos in policies or procedures that have them. All acknowledgements will be tracked in each stage and can be reviewed for verification.
Policy Exemptions
While policies are intended to be followed at all times, there will likely be times when exemptions are required for specific situations. To cater to this, our platform lets you request what is called a "Policy Exemption" authorization. This is a form you fill out, specifying the policy you want exemption from, the reason for the exemption and the date period you require it for. You will also specify the manager who will approve the request.
You can invoke the form from the policy page itself, in the actions menu dropdown you will see an option "Request Policy Exemption":
This will bring up the following form, with the policy pre-selected:
This form will create an assignment, sending the request to the manager for review. They can then view the request and click either approve or reject.
Managers can also see a list of all exemptions granted to a policy by clicking on the Explore link on a specific policy, then looking at the Policy Exemptions tab underneath the data-view of the policy.
Note: The "Request Exemption" action approval setting can be limited only to those who are risk analysts / compliance officers/analysts. This is set in the Configuration / Main Settings screen, under "Exemptions Reviewed by Risk/Compliance Only?".
Visualizing Risks and Mitigations
Policies are typically instituted in order to mitigate risks to the company. In order to better communicate the aspects of a policy or procedure that pertain to specific risks to a company, or the sections that pertain to mitigating those risks, you can use the inline risks and inline mitigations button to highlight them.
This lets you click the highlighted sentence that pertains to either a risk or mitigation, and then enter in more detailed information in a form. This would include, for example, the type of impact (whether it's legal, property damage, safety etc.), the probability of it happening, and the degree of impact.
Once you publish the article, those passages will then be highlighted as links in the system. If you are a Access Manager or Risk Analyst, you can then click them and it will pop-up with a risk visualization, as you can see below:
The purpose of this is to ensure that relevant staff are made aware of the risks and mitigations outlined in a policy. This can help them to understand the importance of following the policy or procedure, and promote transparency at your organization.