How to use Office 365 for policy management

A key requirement for the digital workplace is for employees to be able to find the trusted, authoritative information and documents they need in order to complete tasks and be fulfil their role. This includes policies and procedural information covering everything from the staff handbook, to Health and Safety procedures, to travel expenses, to rules about how to use social media channels. Policies can also cover areas relating to professional development, as well as required reading for new joiners as part of an onboarding process.

Managing your policies in the digital workplace is very important, albeit not particularly glamorous! It requires attention to four different but overlapping areas:

  • Dissemination and storage: Ensuring everybody can access and consume policies and procedures easily.
  • Findability and discoverability: Allowing employees to find the right policy at the time of need.
  • Governance and workflows: Creating clear ownership and authoring processes so that policies are always up-to-date and employees trust the policies they access.
  • Reporting and tracking: Tracking policy authoring and consumption, including covering mandatory reading of policies.

If you do not employ effective policy management, you can run into both inefficiencies and risks, with people using out-of-date policies and not carrying out tasks correctly. The consequences of this can be anything from relatively unimportant to severe for example, health and safety policies, procedures and related information must be up-to-date so it’s critical to spend time perfecting policy management across your digital workplace.

Using Office 365 for policy management

The backbone of most organisational digital workplaces is Office 365 / Microsoft 365, so it’s unsurprising that we’ve recently been asked about the best way to deliver effective policy management within the Office 365 environment. Thankfully, there are a variety of different 365 tools that can support all four elements of policy management already detailed, and in this article, we explore your options.

Note that we’ve used many of these technologies (and relative approaches) in developing our Xoralia policy management solution – an easy option for organisations who want an off-the-shelf product that can fit effortlessly into their 365 digital workplace (including SharePoint and Microsoft Teams), and support best practices in managing policies across the digital workplace.

Let’s explore each of the four elements of policy management.

Dissemination and storage

Disseminating policies to employees is best done via a central policy library that can be accessed through a central channel that every employee can easily reach, such as a corporate intranet, Microsoft Teams or a mobile app. The best option for creating this library is through SharePoint, which can be integrated seamlessly with your other 365 channels. For example, LiveTiles intranet software comes with its own policy library feature based on SharePoint, while our Xoralia solution can integrate with a SharePoint intranet and Teams. If you have a frontline workforce, there is also the potential to use the intranet app or build a dedicated Power App so policies are available through mobile devices.

Because of SharePoint’s flexibility, you can disseminate policies as pages, documents or both; for example, you could present the essential points of a policy on a page for readability, along with the ability to download the document from the page to access more detail. SharePoint’s in-built version control for both pages and documents helps ensure users are viewing the very latest version of a policy.

Another essential strength of SharePoint is the ability to target policies to particular audiences based on Active Directory profiles. Just as you want to ensure internal communications are relevant to locations, divisions, roles, levels of seniority and language, policies must be targeted for relevancy. For example, in global companies that have been built up through acquisition, HR policies will often differ from country to country, and it is critical that employees see only the policies which apply to them.

Findability and discoverability

Strong findability is a foundational principle for both a successful digital workplace and a reliable central policy library. Employees must be able to find the right policy at the time of need. Here, you can use Microsoft Search to ensure your policy content appears in your intranet or SharePoint search; applying the right metadata will allow your users to filter and refine the search.

A central policy library should promote good findability, with a dedicated contextual search for the policy library with appropriate metadata and filters, as well as the right categories and labels. Applying targeting through AD profiles to personalise the search for different groups can also improve findability here.

When we came to build the Xoralia policy management tool, feedback from clients continually stressed the importance of robust findability and discoverability. Bearing this in mind, we included the ability to:

  • Filter results by different tags defined for the organisation, including subject categories, departmental owners or intended audience
  • Filter by contact name, such as the owner of a policy
  • Browse through policies alphabetically
  • Assign appropriate views for policies that must be read or need to be reviewed by a policy owner
  • Access a Teams app where policies can be searched for and appear as cards.

Governance and workflows

Any good policy management solution needs to have robust governance, principally around the authoring and content management processes. Here, you can use both SharePoint and Power Automate to ensure that policies are always up-to-date by applying the right permissions, and introduce workflows to make it easier for policy owners and authors to remain on top of this task.

Establishing clear ownership of a policy to drive accountability is dependent on supporting governance; the permissions that can be applied in SharePoint at the page and document level mean that only defined owners have the rights to update the policies they are responsible for. A good approach here is to display the name of a policy owner or appropriate contact on the policy itself, as this supports accountability, transparency and trust. In our Xoralia solution, there is a clear contact displayed not only on the policy itself, but also in the policy listing view.

You can use Power Automate to define appropriate workflows and automated reminders around the authoring process. This includes approval workflows where review and approval are required before a policy can go live, as well as expiry workflows which send automated reminders for policy owners based on defined review dates. These are all features we chose to build into Xoralia, as well as the views for policy owners to see all the policies they own and those that are approaching review. To further underpin governance, Xoralia also displays when a policy has expired because the policy owner has failed to check it by the review date.

Power Automate can further be used to support repeatable dissemination workflows. For example, perhaps you want to push out a particular policy to a specific audience that for compliance reasons you require to be read at a set time each year, or whenever it goes through a substantial update. You could use Power Automate to trigger this process every time the policy goes through an appropriate update or on a particular date.

Reporting and tracking

Reporting on your policy library and tracking its usage is beneficial in ensuring that employees are using it, but it becomes particularly important when you need to ensure there is a mandatory read of a policy. This could be for compliance reasons from a regulatory body, or for internal purposes such as when you need everybody to urgently read the new flexible working policy introduced to support hybrid working. Mandatory reads usually work by presenting a user with the policies they must read, and then requiring them to complete a declaration that they have read each one.

The reporting becomes important to:

  • Track who has read a policy so you can carry out interventions to make sure everyone has done so
  • Provide updates on progress to senior stakeholders
  • Use reporting to show external parties read rates for compliance purposes.

As you might expect, in Microsoft 365, the versatility of Power BI allows for the required tracking and reporting, enabling filtering by location and department and allowing administrators to filter based on group, specific policy or group of policies. Strong reporting is at the heart of Xoralia, with quick views for policy owners to get the headline statistics to track the progress of mandatory reads, and support the flexible reporting you need. Users also see the policies they must read.

Automating this tracking and reporting is excellent news for anyone who has had to use a combination of email and spreadsheets to keep on top of who has read a policy – a thankless and highly inefficient activity.

Going further

The beauty of Microsoft 365 is you can also integrate your policies into other areas where relevant, such as:

  • Creating an employee onboarding app using PowerApps that includes mandatory reads of policies
  • Creating a chatbot using Power Virtual Agents that references your policies
  • Providing access to your policies within Teams channels
  • And more!

If you’d like to discuss our Xoralia Policy Management tool or managing policies across your Office 365 digital workplace, then get in touch!

We use cookies to give you the best experience on our site. By continuing to use our website, you are agreeing to our use of cookies. To find more about the cookies, please see our Privacy Policy