How to ensure compliance with policies and procedures using the digital workplace?
So, you've made a change to the company travel policy and the team has updated the company travel policy document. How do you let employees know about that change and ensure they comply with the new process?
This is easier said than done. Employees are already bombarded with information and have little time as they have multiple digital communications channels to navigate. There might be a different travel policy for different locations and groups, and it may not be the most inspiring or engaging document to read, so it's hard to get the attention of employees.
This might sound like a problem that's not that pressing, but collectively getting employees to comply with policies, particularly when they have changed, is a real headache for support functions, compliance teams and risk departments. Some policy changes can have major implications for regulatory, legal and compliance processes, while others can have a considerable ripple effect on employee behaviour.
At the same time, employees often want to comply with policies, but struggle to find the details to do so. Even if they are able to find the right document, they may not be confident that they have the latest version, or know when and what aspect of the policy has changed.
The good news is there are solid approaches you can take across your digital workplace and other key digital channels to help ensure employees do comply with key policies and are made aware of updates.
Let's explore eight of these.
1. Establish clarity around policies in your content strategy
Having good content is critical across your intranet and digital workplace as a whole, but not all organisations have a content strategy that defines the content that is important, how it can be accessed and how it is going to be kept relevant and up to date.
If you don't have a content strategy, you should define one! This should specifically address different types of content: for example, news, operational evergreen content, documents and so on. The content strategy should also define how policies are going to be managed, and cover issues such as:
- What is a policy and what is not a policy?
- How do we deal with procedures, guidelines and other related documents?
- How can we ensure they are managed effectively?
- How do we ensure they are accessed by all employees?
- Who is responsible for keeping them up to date?
- How do we ensure policies are actionable?
By providing clarity on all these issues in your content strategy, you can design the channels, processes and tactics that are going to support effective policy management in your company.
2. Create a central policy library that is easy to access with strong findability
Compliance starts with providing easy access to the policies and procedures that employees need to comply with, and making them easily findable and discoverable. All too often, policies are difficult to find because they are scattered across many places, such as multiple SharePoint sites or intranet pages.
The tried-and-tested way to make policies more accessible for everyone is to provide a central policy library that is available through your main digital workplace channels, likely your SharePoint intranet, Microsoft Teams and search. In this way, everybody can easily find and reach the policies they need. The library itself needs to remove any barriers to access and findability; it needs to be easy to use while simultaneously maintaining elements such as security-trimming on particular policies if applicable.
Sometimes, the details behind the library can prove important here. For example, we designed our Xoralia Policy Management solution to make it super-easy for employees to connect to the right policies with various elements such as:
- Targeting to different AD profiles so the right people can see the right policies
- Clearly presented information about each policy with title, details, owner, function, version, when last updated and more
- Seamless integration with Microsoft 365, SharePoint, SharePoint intranet and Microsoft Teams, as well as the related mobile apps, Xoralia is built on SharePoint
- Notifications with relevant alerts
- A powerful search facility through one interface with the ability to apply relevant filters including policy owner, location and mandatory / non-mandatory reads.
3. Drive trust in policies with robust content governance
At the centre of policy management is making sure you have robust content governance around each policy. This can help to build the trust that is essential for employee compliance with your policies, so they are 100% confident that the policy they are accessing is the definitive and latest version available. Important content governance principles include:
- Having a clear, visible policy owner for each individual policy to drive accountability
- Ensuring there are robust access rights and any necessary approval workflows
- Scheduling regular content reviews to ensure policies are up to date
- Making sure there is version control and numbering of different versions
- Having standards such as naming conventions for policies.
For example, in our Xoralia policy management solution, we’ve ensured there is support for content governance with:
- A visible department or function and named contact to establish clear ownership for every policy
- Robust content life cycle governance with version control, numbering
- and automated review notifications (that also support auditing)
- Strict access control and flexible approval workflows
- Useful and intuitive interfaces to help admins and policy owners manage their content.
4. Make your content readable, scannable and acceptable
Let’s be honest, most policies are dreary, lengthy documents that hardly anyone reads. When was the last time you read the small print on a usage policy or on some Terms and Conditions? But actually, policy documents usually contain some very important details that employees need to follow, or would want to access if they knew about them. Often, this is the how to element of the policy or its main, salient points. Structuring your policies so they are more readable, scannable and actionable for users is essential to get employees to follow them. There are several ways you can do this, for example:
- Creating simpler and more concise summary versions, with access to
- the full version below to allow people to dig deeper if they need to
- Having clearly headed sections, and perhaps including jump links to these
- Incorporating links to related policies and guidelines
- Using inclusive and accessible language, and avoiding legalese at all costs
- Highlighting sections that have changed
- Ensuring content meets accessibility guidelines.
5. Establish a mandatory reads capability with tracking analytics
A critical capability for ensuring employees comply with policies is to enable mandatory reads, where employees have to confirm that they have read and understood a particular policy. With analytics to track who has read a policy and who hasn’t, compliance teams or departmental managers can take additional action if there are employees who are yet to read an important policy document. In this way, employees are alerted when there is a change, and won’t forget to read and digest the relevant information.
Mandatory reads are a core feature of the Xoralia solution, where employees receive a personalised list of the policies they need to read and when, as well as relevant notifications; mandatory reads for specific policies can be targeted to different groups. For admins, the whole mandatory read process is automated through notifications and a tracking report with enterprise-wide reporting, while for policy owners, the progress of who is reading their policy is tracked. For more detailed reporting, analytics can also be integrated into custom Power BI dashboards.
6. Personalise the experience with notifications
Personalisation is a key aspect of digital workplace experience, and needs to be included in any central policy library. It should make a user aware of the policies relevant to them (preserving security-trimming) as well as any updates or mandatory reads they should know about, but also take into account the policies they have already read. Flexible notifications are also crucial to remind users when an action is required.
7. Make it easy for your admins and policy owners
Getting employees to comply with policies requires a holistic approach that makes sure compliance teams and policy owners have the right tools to manage their policies effectively, with intuitive interfaces and automation where required.
Making policy management easy for your admins and policy owners is just as important as making it easy for users. For example, within the Xoralia solution, there is a simple view for policy owners that shows the status of the policies they own, including when they are up for review or have expired. Clients have told us that even a simple report like this can make all the difference.
8. Leverage all your digital communication channels
For important policy changes that require a change in user behaviour, there may also need to be a broader communication effort. Here, you can leverage all your digital communication channels to ensure to get the message out, including through intranet news items, relevant Teams channels and even your learning management system.
If your digital workplace is based on Microsoft 365 and your policy library is based on SharePoint, the ability to link to specific policy pages is much simpler. For example, some of our clients amplify messages to major updates in their Xoralia policy management library via both intranet news and activity streams within Teams.
Compliance with policies is possible
Getting your employees to comply with your policies is possible with the right approaches and solutions in place. If you’d like to discuss policy management or would like a demo of our Xoralia Policy Management solution, then get in touch!