Clear company policies are a must for every business, regardless of its size. If your company has employees, you need policies. Period.
There’s no doubt you have reasonable people working at the company, but it doesn’t mean they don’t need guidelines on how to behave in the workplace.
Creating company policies is a way for you to set clear expectations for your employees and define what’s appropriate and what’s not. And since a lot of companies hire globally, failing to create standard communication norms to make up for cultural differences may result in confusion, conflicts and even lawsuits.
Which policies should you include in your employee handbook? We’ve hand-picked five company policies you should consider writing in the first place.
Read on if:
- You need to build company policies from scratch and have no idea where to start.
- You have outdated policies nobody has opened for a long time.
- Your company is going through changes and you need to reflect it in the policies.
What is a company policy?
A company policy is a set of rules that establish formal expectations for the responsibilities of employees and the company. It may regulate different aspects of the employer-employee relationship, such as health and safety, communication, work schedule, compensation and benefits and more.
The primary goal of having policies in place is to minimize the risk of legal issues and other severe consequences for the company and its employees. In some countries, certain company policies are required by the law. For instance, in the UK, an organization with more than 5 employees is obliged to have an official health and safety policy.
All the company policies are usually collected in an employee handbook.
And what is an employee handbook?
An employee handbook is a document that organizes the company’s policies and procedures, mission, vision and values.
This is a lengthy resource a new hire should get familiar with during their first days at work. They can get back to it any time they need to refresh their memory on their rights and responsibilities.
Policies vs procedures: what’s the difference?
Policies and procedures usually go hand in hand in an employee handbook. But how do these two relate?
A procedure is an established method of carrying out a business operation. It covers a series of steps, tools and best practices that help to achieve consistent results from repetitive business procedures.
While policies explain what employees should do and why it’s important, standard operating procedures explain how they achieve desired outcomes.
Say, your corporate travel policy covers the rules for planning work-related trips. A procedure, in this case, will provide guidance on how employees should request expense reimbursement so that your finance department can handle the requests quickly and effectively.
Types of company policies
There are a few dozen of policies for every case. But you don’t need to have each and every policy as many of them overlap. Instead, you can group all of them into five major categories:
- Employee code of conduct & Ethics policy. This type of company policy regulates a wide variety of issues. It may outline expected workplace behaviors, attendance times, dress code (if any), Internet and social media use regulations and more. It also covers the code of ethics — a set of rules providing guidance on how to handle ethical issues, like harassment, safety and conflicts of interest.
- Equal opportunity policies. This is a rare policy aimed at regulating employer behavior. It outlines the company’s commitment to creating equal opportunities and work conditions for every job applicant and employee, regardless of age, gender, race or sexual orientation.
- Workplace safety and security policies. It’s a set of rules outlining expected behaviors for both employees and employers to maintain safe work environments. The purpose of the policy is to prevent risks of illnesses, injuries and fatalities at work.
- Substance abuse policies. The document explains the business's protocol for substance abuse and the consequences following alcohol and drug misuse.
- Compensation policies. These are policies covering all things benefits and compensation. They create expectations for salary, overtime compensation, end-year bonuses and other types of employee rewards.
These types of company policies cover all kinds of workplace situations, helping to create clear expectations and eliminate unwanted situations.
Company policy structure
Although there are no strict rules on how to structure a policy document, it’s convenient to follow a unified structure across all your company policies. A common company policy structure includes:
- Title — What’s the policy name?
- Purpose — Why do you need the policy?
- Scope — Who does the policy apply to?
- Responsibility — Who is responsible for ensuring policy compliance?
- General policy statement — What exactly does the policy require?
- Disciplinary action — What happens if the policy is violated?
- Relevant documents — Where can you find additional information on the subject?
How to create *no dull* company policies
Here are some proven best practices for creating policies your employees will want to read.
1. Get legal advice
Before you decide which policies your company needs, you need to understand which policies your company must have. Consult with a specialist to discover which policies are required by the law in your country or state.
2. Establish priorities
Next, think of other policies that would be relevant to your organization.
Are you open to remote work? A remote work policy will help you establish clear expectations for your remote employees.
Is your company fully remote? Obviously, a face mask policy will be redundant.
3. Use templates
Use the templates we’re offering below or create your own layouts. Regardless of your choice, it’s good to have a common structure across all your policies.
4. Automate the process when possible
Remember that policies are often followed by procedures?
Don’t waste your time guiding every employee through the procedure of requesting travel expenses reimbursement or securing shared files in Google Drive. Use process documentation software like Scribe to automatically create how-to guides, complete with screenshots, instructions and clicks.
5. Publish your policies in a centralized system
To make your policies easily accessible by anyone at any time, you need to publish them in a centralized system, like an internal wiki, the company’s intranet or the Scribe dashboard
If you use Scribe Pages to create and store your policies (just as we do below), you can easily update your documentation, manage access rights or collaborate with other team members right from your dashboard.
5 Examples of company policies you must have
Below are the five examples of must-have company policies along with ideas for what you should include in each.
An attendance policy is a document that governs the employee’s presence at work. It also outlines responses to various issues like tardiness, no-shows, early outs and other types of policy violations.
Even remote-first companies with flexible work schedules need an attendance policy to regulate work hours and ensure employees from different time zones are available within the same timeframe for a couple of hours every day.
Here’s an example of a simple attendance policy:
Title: Employee Attendance Policy
Purpose: The policy must ensure regular attendance and punctuality of employees to prevent any deviation that may result in decreased productivity.
Scope: This attendance policy applies to all employees regardless of their position or type of employment.
Responsibility: Human resources are to check attendance policy compliance every day and report violations to management.
General policy statement:
- Employees are expected to be present for work every day.
- employees should adhere to call-in procedures and provide an acceptable reason for their absence or tardiness.
- Employees should request exceptions for work absences from human resources and their direct management. The procedure for requesting sick leaves is covered here.
- Any absence from work not approved by a supervisor is considered to be unexcused and is subject to informal corrective or disciplinary action.
Disciplinary action: If an employee is absent from work without notifying a supervisor for three or more consecutive days, it will be considered job abandonment and lead to termination without notice.
Equal opportunity policy
This is one of the most important policies for you as a manager or employer as it helps you to prevent the most severe consequences of discrimination in the workplace.
An equal opportunity policy ensures a company treats all potential and current employees equally and creates a safe workplace free of harassment, violence and discrimination. It provides regulations for employers, managers and employees on how to treat each other fairly.
You can use the following equal opportunity policy example as a template:
Title: Equal Opportunity Policy
Purpose: This policy aims at preventing discrimination against any job applicant or employee because of age, color, gender, national origin, race, religion or any other factor.
Scope: The policy applies to every employee of the company.
Responsibility: The Equal Opportunity Officer is responsible for implementing and supervising equal opportunity practices in the organization.
- Direct discrimination happens when a person is treated less favorably than another on because of their sex, race, age, marital status, age, sexual orientation, etc.
- Indirect discrimination happens when a requirement related to a person’s sex, race, age, sexual, orientation or other protected characteristics is imposed.
General policy statement:
- [Company name] is an inclusive organization where everyone is treated with respect and dignity.
- Every employee at [Company name] has equal opportunities for professional development.
- We value diversity means and recognize that we all have complex identities.
- We embrace and celebrate our differences.
- Any direct or indirect discrimination is subject to disciplinary action.
- An employee who believes they have been discriminated against must contact an EEO counselor prior to documenting a formal complaint.
- Grievants must register their concerns within six months of the alleged offense to have access to the entire Equal Opportunity Grievance Procedure.
- After reviewing the complaint, the EEO must decide on an appropriate disciplinary action if the case of discrimination has been confirmed.
Compensation and benefits policy
A compensation and benefits policy outlines expectations for monetary compensation for paid time off, healthcare coverage, paternity/maternity leave and sick leave. This policy helps to establish a standard system for calculating employee benefits and rewards in every specific case.
Use this example as a base for your own compensation and benefits policy:
Title: Compensation and Benefits Policy
Purpose: The document provides a framework to determine appropriate compensation and benefits for eligible employees.
Scope: This policy applies to all the executives and employees of the company.
Responsibility: The human resources department is responsible for managing a compensation program.
General policy statement:
- Every employee has the right to use a 25-day paid leave.
- Every employee has the right to 15 weeks of fully paid maternity/paternity leave.
- Every employee has a budget of $2,400/year for maintaining and improving their physical and mental health.
- The company covers 50% of each employee’s health insurance plan.
- The amount of the annual guaranteed pay is revisited once a year and can be increased based on the results of the annual performance review.
- The company will withhold taxes, insurance costs and other deductions from the employee’s pay cheque.
Workplace health and safety policy
A workplace health and safety policy is required by the law in many countries. By creating one, you will not only minimize accidents at work but also keep your company safe from a lawsuit.
Depending on the country, health and safety regulations might differ. However, the following policy example will be a solid base for your workplace health and safety policy:
Title: Workplace Health and Safety Policy
Purpose: The policy aims at ensuring a safe and healthful workplace for all the company employees and clients.
Scope: The regulations apply to everyone visiting the organization’s physical locations.
Responsibility: The employer is fully responsible for keeping every company employee and client safe from harm in the workspace. Management must take an active part in preventing workplace incidents and supporting safety program initiatives.
General policy statement:
- All employees must participate in safety and health program activities.
- Employees must not come to work with any signs of sickness until complete recovery.
- Employees must be familiar with first aid facilities available in the company building.
- Employees must not interfere with or misuse facilities provided for health and safety purposes.
- Employees are to follow the fire and emergency procedure in case of hazard.
- Employees must report any violation of the given policy to a supervisor or the safety committee.
Information security policy
Earlier this year, Klaviyo reported their employee's login credentials had been compromised, which resulted in a data breach of an unspecified amount of customer data. Such incidents must motivate companies to revisit their internal information security policies and implement regular employee training.
An information security policy (ISP) is a set of rules designed to ensure the organization’s digital security. It minimizes risks of security accidents such as customer data breaches, phishing attacks, intellectual property violations or ransomware.
You need to write an ISP to provide your employees with clear guidance on how they should act to prevent a sensitive data breach.
An information security policy is usually a comprehensive document that includes multiple sections, but this is a good place to start:
Title: Information Security Policy
Purpose: The goal of this policy is to protect the sensitive data of our employees and customers and the company’s own intellectual property.
Scope: The information in this document applies to every employee who has access to the company’s electronic systems.
Responsibility: The Chief Information Security Officer (CISO) is the leader and face of data security in the organization. They are responsible for implementing and maintaining data security measures and responding to policy violations.
General policy statement:
- Every employee involved in the collection and analysis of customer data must ensure that [Company name] is GDPR-compliant.
- Employees must never send customer data to third parties unless authorized by management.
- Sensitive data that is no longer in use must be deleted within 60 days.
- Laptops and documents should be taken home or stored in lockers at the end of the work day.
- All suspected security threats and data breaches must be reported and investigated.
- Infringement of this policy may result in disciplinary action or criminal prosecution.
Whether you need certain policies or not depends on your company’s size, work model and industry. After you talk to a lawyer and revisit the most common workplace issues, you should have enough policy ideas to start with. Use the examples above as the inspiration for your custom company policies.