We always see several workshops done through the year and several announcements about updating a number of policies and procedures specially in the beginning of the year. Have you ever wondered the reason or the trigger behind these updates and the process behind them? Today I led a workshop to update Yemen Family Care Association (YFCA) warehouse policy. That inspired me to write this article about why do we review and if needed update our policies, procedures or guidelines? The second question I will try to answer here is, what triggers updating policies during the year?

As policies are a great “vehicle” to improve the quality of business and a lead factor to mitigate risks associated with your business. Moreover, policies and procedures reflect the values as well as the culture the organization adapts. I will be discussing the benefits of the policies here as I am planning to write another article on this topic.

Updating polices sually done in the beginning of the year for most mid to small size organizations and this date can be usually found in the organization meta policy if available or this could be impeded within the policy itself under the update or continues improvement sections.

Now, back to the questions: why do we review and if needed update our policies, procedures or guidelines?

As I have and admiration to risk management, let me start my answer with simply state that updating and reviewing policies will help the organization to avoid or mitigate several risks such as:

• Updated regulatory risks
• Changing business environment risks
• Reply to technological advancement and security risks
• Changing organization structure
• To reflect on the compliance red flags reports

• Different audience: like there was a shift in the operations such as shifting the Manufacturing to he far east.
• New organization state: such as the one emerges after merge or new legal status
• Entering new markets: that require us to update our policy to adapt this new business expansion.
• Because your meta policy say so simply if your meta policy or sometimes called policy on policies enforce the organization to review the policy in pre-decided timely manners. This usually will be correlated to the policy risk level (another article will be shared about how to create a practice meta policy).
• Reply to policy exception monitoring reports: when the organization policy steering committee receives several exceptions requests to specific policy, a policy review shall be lunched to check the policy design and effectiveness to identify the root cause behind these requests.
• To facilitate the new strategic goals of the organization: sometimes the strategic goals of the organization leads to do a policy review for one or more policies to ensure that these policies will help the organization to reach it’s strategic objectives.  

These are the reasons that I could thing of right now and if you think of more reasons, please share them in the comments.

The second question: what triggers updating policies during the year?

I will start with what led us to have a workshop to update our warehouse policy in the mid of year. The answer to this question is also as simple as that we faced several risks that the policy in place couldn’t mitigate to our risk tolerance levels. The other reason will usually be a regulatory update related to the organization business that takes place during the year which contradicts the organization policy and the organization shall adhere to or the organization might not have a policy to ensure the compliance with this mandatory legal requirement.

I hope this article could help and clarify, why the people in development and compliance keep following these policy updates and reviews during the year.