Several policies and procedures rule life in a corporate environment.

They come in all colours and shapes: ranging from the purchase of stationery to more complex matters such as how to handle corporate travel. Some policies have only internal relevance and affect solely employees (i.e. what kind of electronics a person is entitled to), others have external relevance and affect third parties (such as purchasing policies and procedures affecting suppliers and partners) and/or clients (such as policies and procedures stating how to handle a client complain or billing).

Few companies, though, reserve sufficient time and resources to improve their internal policies management, and this can have a tremendous impact on the organisation’s business.

Let’s see how!

Compliance as a success factor

Depending on the company’s history and culture, the actual content of policies can vary. Still, my own experience in 20+ years in the corporate world has taught me that no matter the sector or the industry, companies struggle with the same issues when it comes to policies: compliance!

Yes, most of the times compliance to policies is a real challenge and source of extreme frustration for all the parties involved: for the people writing and trying to enforce policy and for those having to comply with them.

Why is that?

Over the years, I’ve heard a lot of reasons:

  • Policies are useless!
  • By the time I’ve done what the policy says it’s too late
  • It’s not realistic! It doesn’t consider the real conditions.
  • It’s so confusing and complicated!
  • Why do I have to follow the policies? My approach works better!

I could go on and on, but the core reasons are more or less the same listed above.

Policies and procedures are essential, and many organisations need several of them, to ensure some standard approach, risk control and fair treatment (of employees, suppliers, partners and clients). In various situations, they are needed to comply with the law!

And, an adequate level of compliance is critical to make sure that the organisations can reap the expected benefits.

So if policies are there but people don’t follow them (for any reason) the organisation won’t cash in whatever benefits and in some situations the organisation can also be put at risk (when laws are broken for example).

In short: Internal policies management at its worst!

The pitfalls of the traditional approach

Despite their importance, few organisations take the right steps towards policies and procedures that people can follow and comply with.

The usual approach to internal policies management is top-down!

What usually happens is that someone writes a policy based on what the top management want or think the purpose of the policy is. The policy is typically extensive, written most of the times in a language not readily understandable. The policy is then published in some remote part of the company intranet. Employees typically receive an email informing them that a new policy has been issued, and they are expected to comply with it directly!

Employees are rarely involved in the making of the policy; they’re never required to provide feedback if the policy works for them or not and, as far as my experience is concerned, very seldom an ex-post analysis is done to understand if the policy is producing the benefits.

The traditional scenario is that the policy is mandated, published and then forgotten!

It comes not as a surprise, then, that companies complain they don’t see the benefits.

Why does then the traditional approach to internal policies management fail?

Here are my 5 reasons

  1. Relevance: the business context and the desired outcomes are not generally clearly stated. People don’t understand why they have to comply and what is their benefit for doing so. Take a travel policy, for example. The request of channelling purchases through the appointed travel management companies doesn’t aim just at getting costs savings, but also to know where travellers are and be sure one can reach them in case of necessity. There’s a need for safety and security behind that’s not always highlighted.
  2. Complexity: there are too many rules, too many approvals. In the attempt not to forget anything essential and in trying to include and foresee any situation that people might encounter, policymakers end up writing the list of the cases included in a policy that is many pages long. And in more hierarchical organisations, also the number of approvals needed skyrockets making the whole process lengthy and cumbersome. No wonder people try to find shortcuts!
  3. Fit for business: policies don’t get timely updates when they become obsolete due to changes in the business and the external environment. They start being a burden rather than a way to make things more efficient. This happens a lot. Policies are issued and shelved. To ensure they still perform their task, policies should be periodically reviewed and updated to keep them relevant to the business.
  4. Self-determination: people desire to have a sense of free will when acting, even when it’s for company business. Mandating an action or a behaviour instantly creates resistance towards the actual conduct you want to promote. Better to leave some degrees of freedom and alternatives. If alternatives are not viable, then highlight why they’re not good. Self-determination is the same principle for which Google maps shows different routes with their respective time. The users are then left to choose which one they prefer.
  5. Friction: policies often fail because they mandate an approach or a flow quite distant from the “ordinary way” people use. This happens because a lot of times, new policies and procedures are issued following a technological change. The system changes, so policies need to change. And not always, these changes are straightforward, and steps and flows are adapted to the system generating awkward results.

The way forward: human-centred policy design and co-creation.

There’s a way to improve the way companies approach their internal policies management: Human-centered design. It provides a strong foundation for policies and procedures that are followed by people and produce the expected benefits.

Let’s see how:

  1. Always ask why: why do you need the policy, what is the real outcome you want to achieve. Only when this answer is satisfactory and complete, move to the following steps which are asking “What if” to evaluate different scenarios and different approaches to achieve the desired objective. Only then proceed to work on the “How”, the practical approach and steps to be designed to achieve the original purpose. In reality, most of the times, policy writers jump immediately to “solution mode”, i.e. the How, missing the previous steps. The resulting policy risks to be lacking in terms of quality and solutions proposed, maybe going onto the well-known path and ignoring more original possibilities that would address the issue in a different (and possibly more effective way)
  2. Focus on people needs and pain points: what are the requirements (of the user and the main stakeholders) that you’re trying to fulfil with the policy? Are they all clear? A simple way to do this is to talk to actual users and to involve them in the process of creating a new policy and or procedure. Expanding also the reach with a comprehensive analysis of the different stakeholders’ groups so as all the other interests are factored in is another success factor. The first-hand knowledge that users and stakeholders bring on to the table about the issue you’re trying to solve will be precious to design better policy and their participation to the process will make it easier to implement it. Co-creation is the operative word here!
  3. Focus on the journey: what are the steps users need to follow when applying a policy or procedure? Are they difficult? Can users quickly achieve their objective? Can they get the results they need? Are there steps of the process where they can get stuck? Can they get frustrated because they cannot perform a task or an action? How can you ensure that the process goes smoothly and users can be satisfied with it? Customer or User Journey Mapping is a strong and powerful tool in designing a Customer or User experience. Working with Journey Mapping, help understanding how the user sees the relationship with the organisation in the different steps or parts of the process. It’s a way to understand the user’s frustrations and pain points, so as it’s easier to know where eventual corrective actions need to be taken.
  4. Give policies a K.I.S.S (keep it simple, stupid!!). This is one of the most basic principles in UX Design. When designing a system or process, the simpler, the better! Try to focus on the bigger picture of the objective you want to achieve. Don’t create obstacles and increase complexity by adding steps or authorisations. I know that in many organisations’ maverick behaviours by some employees push to increase the level and number of controls. Still, these make life complex also for those employees who are respectful of the policies. So keep it simple and manage non-compliant behaviour differently.
  5. Make them accessible. You cannot expect people to know all the smaller aspects of your policies by heart. Make it simple for them to comply, by improving the interfaces and making them easier to understand and self-explanatory. Be more visual and make policies accessible easily and to everyone, when they need them.

So next time you need to review a policy or procedure in your organization give Human-centered design a try. You’ll see the difference!

And how is your organisation handling your policies? Tell me about it!


Want to know more on how to use human-centered design in the procurement area? Read my other blogs on the topic:

The dawn of a new Procurement – Reignite your business with a partnership for growth

Make the difference with services procurement

The stakeholder whisperer: effective stakeholder management for successful projects