Annual Policy Review

Best practice for all governance is at least an annual review of policies and Terms of Reference. Policies should be reviewed by the policy owner and submitted for republishing to the Board/Partners in good time. The updated policies should then be uploaded somewhere centrally (we can help with this) to create a single version of the truth copy. Version control needs to be maintained.
The review should cover at least;-
Identification
- Policy Owner TITLE
- Review frequency Annual
- Responsible for document management
- Next Review Due Date TITLE
- Date
- Security classification Restricted
- Version control updated with salient changes?
Content Questions
- Is the policy consistent with the core values and principles, mission and strategic plan of the firm? YES/NO
- Have there been deviations from the policy over the past year? If yes, were there a sufficient number to consider revising the policy? YES/NO
- Are there ambiguities in the policy statement? Are there questions arising from this policy? (if yes, perhaps the policy needs rewording for greater clarity) YES/NO
- Does the policy comply with current legislation? YES/NO
- Have you amended to include any practices that may have been adopted (due to limitations or resource shortfalls) to ensure they are consistent with the policy statement? i.e., heuristics, short-cuts, workarounds. YES/NO
- Checked for any contradictions within the policy statement? YES/NO
- Checked for conflicts or contradiction of other policies? YES/NO
- Is the policy consistent with current technology? YES/NO
- Is language within the policy statement current? YES/NO
- Is the policy consistently interpreted? YES/NO
- Are the related procedures relevant and up to date? YES/NO
- Is the scope (i.e., to whom or what it applies) accurate? YES/NO
If there are any “No” answers, please review and amend the policy and/or procedures accordingly.
If you need to create, review or execute your Governance. Risk or Compliance strategy, call us today on
0207 097 1434 or email info@complianceconsultant.org.
This guide is only an aide memoire and intended for information only for anyone appraising the documentation needed in an audit/compliance check. It is not to be considered as direct advice or intended to replace specific 1 to 1 engagement with your compliance and risk professional.
Other Posts In This Series
Compliance Audit: What To Look For In Strategy Document
Thoughts on Organisational Charts
Regulatory Complaint Handling & The FCA
Compliance Annual Reporting Requirement
The Importance of Good Management Information (MI)
Directors and/or Partners Responsibilities and Further Training
Compliant Financial Promotions – Advertising
Governance Risk & Compliance Frameworks
Thoughts on Organisational Charts
Regulatory Complaint Handling & The FCA
Compliance Annual Reporting Requirement
The Importance of Good Management Information (MI)
Directors and/or Partners Responsibilities and Further Training
Compliant Financial Promotions – Advertising
Governance Risk & Compliance Frameworks