What Does Policy Mean?
A policy is a principle or rule to guide decisions and achieve rational outcomes. A policy is a statement of intent and is implemented as a procedure or protocol. Policies are generally adopted by the Board of Directors or senior governance body within an organization whereas procedures or protocols would be developed and adopted by senior executive officers. Policies can assist in both subjective and objective decision making. Policies to assist in subjective decision-making would usually assist senior management with decisions that must consider the relative merits of a number of factors before making decisions and as a result, are often hard to objectively test e.g. work-life balance policy. In contrast, policies to assist in objective decision-making are usually operational in nature and can be objectively tested e.g. password policy. The term may apply to government, private sector organizations and groups, and individuals. Presidential executive orders, corporate privacy policies, and parliamentary rules of order are all examples of policy. Policy differs from rules or law. While the law can compel or prohibit behaviors, policy merely guides actions toward those that are most likely to achieve the desired outcome.
A policy explains what to do in a particular set of circumstances by providing necessary rules and requirements and by setting expectations. Policies help clarify performance requirements, communicate management’s intent for how work should be done, and establish accountability and the foundation for compliance.
Procedures break policies down into detailed steps that describe how work should be done and identify who should do what. To be effective, policies and procedures need to accurately reflect what the organization wants to be done — they should clearly describe circumstances, rules, options, and activities in a way that is understandable and can be readily put into practice.
Policies are high-level statements of management intent from an organization’s executive leadership that are designed to influence decisions and guide the organization to achieve the desired outcomes. Policies are enforced by standards and further implemented by procedures to establish actionable and accountable requirements. Policies are a business decision, not a technical one. Technology determines how policies are implemented. Policies usually exist to satisfy an external requirement (e.g., law, regulation, and/or contract).
Policy occurs at various levels and points of interaction — personal, organizational, and public. If we use the right strategies we can be successful in influencing all aspects of policy.
- Personal policy: Personal policy is the set of standards you use to guide your own decisions and actions. Despite our best efforts, economic realities can sometimes make it difficult to carry out personal policies.
- Organizational policy: Organizational policy guides how organizations and businesses operate. Unlike public policy, which often has opportunities for public input, organizational policies are often made out of public view.
- Public policy: All levels of government — federal, state, and local — create policies to address specific issues or problems. These public policies are developed through a process that involves input from citizens, government staff, and elected officials.
Policies are generally developed to manage the organization’s risk exposure. They are written to prescribe the actions and procedures to be followed that may prevent potential problems from occurring. To protect the public or other vested parties, some policies are required by law or regulation, such as conflict of interest and whistleblower policies.
Well-thought-out policies and procedures set clear expectations and standards for the manner and process in which certain situations and issues will be handled. However, the existence of a policy alone isn’t enough. Inherent in the adoption of a written policy is the expectation that the organization will follow the direction outlined in the policy. Failing to make the policy available and known to all affected parties, educating trustees and/or employees about the policy, or simply not ensuring that the protocols of the policy are consistently followed essentially nullifies its existence. With board support and oversight, strong, effective and well-written policies will be adopted, periodically reviewed and updated, and consistently adhered to.
Building a Sound Policy
A policy template should be adopted and consistently used. The policy format should be structured to allow specific sections to be referenced or cited as needed. Typical policy components include:
- Policy Title. Each policy should be titled. The title should readily convey the issue addressed to facilitate easy and successful index or table of contents searches.
- Policy Number. Many organizations also number their policies for tracking, indexing, and updating purposes.
- Critical Dates. The effective date, review date, and revision dates should all be outlined at the beginning of the policy.
- Responsibility. The title of the individual(s), committee, or other entity responsible for the development, review, revision, oversight, and compliance with the policy should be noted.
- Purpose. The purpose of the policy should be clearly and succinctly stated and should indicate the intent or reason for creating the policy and its expected use.
- Policy Description: This section of the policy should describe the expectations of the organization in regard to the specific topic, situation, or issue being addressed. The description should include as much or as little detail as needed to ensure that expectations are clearly expressed, and misunderstanding or confusion is avoided.
- Procedures: Any applicable processes or procedures should be clearly described in step-by-step detail that includes:
- Applicable time frames
- Cross-reference to applicable rules, regulations, or other policies
- Definitions. Define technical terms, acronyms, abbreviations, or other obscure terms used in the policy.
- Signature of Approval. The policy’s approval should be attested to by the signature of the accountable individual.
The Policy Process
Several steps comprise the policy process. It would be unrealistic and even incorrect to say that the formulation of policy follows a clear and consistent pathway or route. Policy development is actually an involved and sometimes haphazard process that differs widely depending upon the concern being addressed. Sometimes it is a long and winding road with lots of detours and stops along the way. Despite the variation in the policy process, there are some general steps (described below) that are common to its development. These are:
- Selecting the desired objective: The first step in policy formulation is to determine the desired objective. The selection of objectives typically derives from priorities and imperatives set at the leadership level.
- Identifying the target of the objective: The next step in the policy process is to identify the appropriate targets toward whom the policy should be directed. The selected target is linked to the overall objective, which embodies within it either a direct or indirect statement of who will or should be affected by the proposed measure.
- Determining the pathway to reach that objective: A third phase in the policy process is to determine from a range of options how best to reach the specified objectives. This part of the work is often difficult and contentious. Several key factors act as a lens against which to assess decisions in the development of policy.
- Potential effectiveness – how well a policy will meet the stated goals – is the first key factor.
- Efficiency is a second key factor, which involves how well resources are utilized in achieving goals and implementing policy.
- Consistency is the third factor; it refers to the extent of alignment of the policy with the broader goals and strategies
- designing the specific program or measure in respect of that goal: Policy formulation does not end once a preferred route to the desired outcome has been selected. There is typically considerable design work to be done after the approach has been identified. In fact, it is at this point that the detailed work and tough decisions actually begin.
- Implementing the measure and assessing its impact: Implementation is crucial to the effectiveness, efficiency, and consistency of a policy. A plan that may be excellent on paper could end up being very different from its intent if not properly implemented. It may be too slow, there may be too little investment for effective application or the policy may be inconsistent with other objectives or measures. Ideally, all policies and programs should assess and correct their course on an ongoing basis. The need for continuous feedback within the policy process is based on the assumption that evaluation is important and not just for accountability purposes
Model of Public Policy
In an attempt to help create better public policy, the State of New South Wales developed a model to deconstruct and define ‘policy’, both in terms of a ‘Policy’ (with a Big ‘P’), and policy as a concept and a practice. They claim that model isn’t definitive or prescriptive but just a tool to help clarify where efforts may need to be targeted in solving policy problems.
- The top of the pyramid – the ‘big P’ Policy – provides the ‘why’. It sets the ultimate strategic objective and establishes why this objective is important. The ‘why’ element informs all the layers that sit below it. That’s why it’s critical that this be constructed first. You should clearly define the strategic objective(s) and purpose before you do any further work. This layer doesn’t need to be complex or large, but it should ideally establish the following:
- Policy intent: The Policy should outline what is trying to be achieved through the strategic objective or objectives.
- Purpose of the Policy: The Policy should tell the story of why the strategic objective is important and necessary. It should link needs and evidence with proposed actions. For example:
- Who are the intended users and subjects of the Policy? How was this established?
- What is the user or community need that the Policy is intended to address, or the problem that the Policy is intended to solve? How was this established?
- How will the Policy meet user or community needs, or otherwise benefit the community? What does the best current evidence suggest will work? What assumptions have been made? You should cite relevant research (including user research or co-design work).
- Vision: The Policy should set out a clear vision of what ‘good’ looks like.
- Outcomes measures: The Policy should set out how policy outcomes will be measured. This may be in the short, medium or long term, or all three.
- Roles and responsibilities: The Policy should set out roles and responsibilities, and outline expectations for all staff.
- Supporting documents: The Policy should identify the supporting documents. In turn, the supporting documents should reference the Policy so that their purpose for existing is clear.
- What? The Policy should be supported by prescriptive requirements – these set out what must be done to achieve the Policy intent. In government, these rules may be set out in laws, or documents such as frameworks or standards.
- Laws can be used to establish key requirements and enable regulatory enforcement, but this approach isn’t always necessary.
- Frameworks may support or expand on the Policy (or the legal requirements) by outlining the elements of the system that underpin the Policy. The framework could set out and illustrate the connections between business processes, inputs, outputs, key stakeholders and relationships, or logical decision points.
- Standards may set technical and prescriptive rules that dictate what should happen by establishing minimum requirements. Standards can help ensure consistency both within an agency or government and with other jurisdictions. For example, the NSW Digital Design System, which is intended to help creators make consistent and accessible NSW Government digital products, includes a Digital Design Standard that prescribes minimum design requirements.
- How? Once specific requirements have been established, you can set out how these requirements should be met. Procedures, manuals, guidance, and similar documents help to achieve the Policy intent by laying out the specific tasks within relevant business systems that must be performed to comply with the applicable standards and frameworks.
- With what? Tools, Tips, and Tricks: You may create ways to make it easier to do the tasks described in the procedures, manuals, and guidance, such as reusable components, tools, forms, and templates. These should be referenced in procedures, manuals, and guidance with information about how and when they should be used.
- So what? Measuring success to iterate policy: The Policy sets a vision for what ‘good’ looks like. You should identify specific metrics and measures to establish whether you have successfully achieved the Policy intent, and to what degree. Ideally, this should include:
- reliable, robust, and attributable quantitative data, and
- qualitative data - direct feedback from the users and subjects of the policy (and those who can’t or don’t want to users).
Measuring outcomes should be done carefully – ultimately, what gets measured will get done, so you should take care that your metrics don’t create perverse incentives or incomplete or misleading impressions. You should use your measurements to inform and regularly iterate your Policy and the supporting layers. These changes can be at the macro level (such as a change in the strategic objective) or involve more minor adjustments in the implementation of the Policy (such as changes to frameworks or standards, procedures, or tools). You should also consider whether this information needs to be publicly available. Making your analysis open to the public can help ensure transparency and accountability. If you have detailed data, it may also be useful to and reusable by other agencies, or to members of the public.
The Impact of Policies
- Intended effects: The intended effects of a policy vary widely according to the organization and the context in which they are made. Broadly, policies are typically instituted to avoid some negative effect that has been noticed in the organization or to seek some positive benefit. Corporate purchasing policies provide an example of how organizations attempt to avoid negative effects. Many large companies have policies that all purchases above a certain value must be performed through a purchasing process. By requiring this standard purchasing process through policy, the organization can limit waste and standardize the way purchasing is done. The State of California provides an example of a benefit-seeking policy. In recent years, the number of hybrid cars in California has increased dramatically, in part because of policy changes in Federal law that provided USD $1,500 in tax credits (since phased out) as well as the use of high-occupancy vehicle lanes to hybrid owners (no low hybrid vehicles). In this case, the organization (state and/or federal government) created an effect (increased ownership and use of hybrid vehicles) through policy (tax breaks, highway lanes).
- Unintended effects: Policies frequently have side effects or unintended consequences. Because the environments that policies seek to influence or manipulate are typically complex adaptive systems (e.g. governments, societies, and large companies), making a policy change can have counterintuitive results. For example, a government may make a policy decision to raise taxes, in hopes of increasing overall tax revenue. Depending on the size of the tax increase, this may have the overall effect of reducing tax revenue by causing capital flight or by creating a rate so high that citizens are deterred from earning the money that is taxed. (See the Laffer curve) The policy formulation process theoretically includes an attempt to assess as many areas of potential policy impact as possible, to lessen the chances that a given policy will have unexpected or unintended consequences.
Corporate Social Responsibility (CSR)