Why Have Procedures?

Compliance
Operational Needs (i.e. consistency)
Manage Risks
Continuous Improvement

REQUIRED POLICIES AND PROCEDURES

Only company policies and procedures required by standards, regulations or company strategy must be developed. ISO 9001 does not even require procedures, so why do many companies feel they need to write 40 or more procedures to achieve control? Occasional users need procedures as a reminder of procedure steps that they do not perform very often. Frequent or regular users do not need, and often times do not use, the procedure. So how are those other 34-plus procedures used and what’s the importance of writing procedures? Most procedures are used to train infrequent users. For training purposes you may only need a process map. Are you using your procedures to make up for a weak training program?

New Release of “How to Write a Policies and Procedures Manual” is now available.

YOUR POLICIES PROCEDURES TEMPLATE DESIGN

When you do write procedures you will need to standardize on a procedure template design. Start your policies and procedures template design by thinking through your document and record control procedures. Your procedure template design should make room for a header block to ensure your procedure communicates your purpose and scope.

Add a Title, Policy, Purpose, Scope, Responsibility, and Definitions section to help people understand your procedure and you should start to see the importance of writing procedures. Clear department responsibilities identify who does what and helps to declare which positions are mentioned in your procedure with a synopsis of what is expected for each position. Key term definitions reduce confusion; industry jargon should be explained in the definitions section of your procedure to help new procedure users.

WRITING POLICIES AND PROCEDURES

Before you start writing procedures from scratch, look around for examples, or templates, that you can copy. Pre-written procedures will speed up your development, reduce your research time, and turn writing procedures into editing procedures. I’ve found it’s a lot easier to edit a procedure than to write one from scratch, depending on the procedure. Many procedures are really common using business best practices, so why reinvent the wheel?

ACTIVE VOICE CONSTRUCTION

If you have to write a procedure from scratch, start writing procedures using active voice construction to reduce task confusion. Subject, verb, object provides clear active voice construction for your procedure. For example, “Accounts Receivable invoices customers” is clearer and contains fewer words than “customers are invoiced by Accounts Receivable.” The extra “are” and “by” make the sentence longer, put the subject last, and force the reader to stop and reread the action. Be direct and to the point — use the active voice.

PROCEDURE REFERENCES

References also go in to the importance of writing procedures. Add references to related documents to improve your procedures’ usability. Clearly note when your procedure refers to other procedures or forms. There’s nothing worse than following a procedure and coming to a passage that refers to a company form and…that’s it. You don’t know what the form looks like, where you might find it, or what version of the form you need. Putting an example of the form, with an explanation, in the procedure will save you and your users time during procedure training and implementation.

List applicable laws or regulations: clearly communicate your company’s need for compliance. If you’re implementing a records retention procedure, references to IRS or equal employment opportunity (EEO) passages, for example, provide a brief synopsis and help you implement your procedures.

Manage Risks with Well-Written Procedures

Every business must recognize and manage risk. In fact, risk assessment was a key component of COSO’s Internal Control-Integrated Framework, and recently COSO expanded the concept, developing a report titled Enterprise Risk Management-Integrated Framework. COSO defines risk management itself as a process to ensure all events can be managed according to an organizations risk appetite. Established policies and procedures are identified by COSO as a control activity needed to manage risk.

So whether it is a fire or a corrupt/incompetent accountant, procedures define how reasonable measures are built into processes to prevent such events, and they describe how the organization will manage and recover from such events should they occur.

Another reason for procedures that fits well into this category is the documentation of organizational knowledge. Key personnel leaving, perhaps even joining a competitor is always a risk. That risk is diminished to a degree if key organizational knowledge is documented in a procedure, as opposed to important information being stored in a person’s head, in their computer, on simply jotted down in their notebook or journal.

Procedures Can Drive Improvement

Continuous Improvement is one of the most important, yet frequently overlooked reasons for developing an internal control system of policies and procedures. One role procedures play in continuous improvement is implementing a Plan-Do-Check-Act (PDCA) approach to processes.

Clear policies (that should be developed or approved by management) describe operational goals and direction, implemented by the Plan, which includes SMART objectives and that describe best organizational practices. The Do section carries out the plan and captures the data related to the stated objectives. The Check phase reviews the data in relation to goals and objectives, and Act means reflective changes in the process or the procedure that improves the process effectiveness, or altering objectives to be more realistic or meaningful. The ISO 9001 Standard is a great place to learn more about the PDCA process approach.

Lack of clear communication is a common impediment to improvement and success. Procedures can also build important internal communication practices into processes. For example, the collection process can include notifying the Sales Department which customers aren’t paying their bills, so the Sales staff isn’t spending time making sales calls to customers who do not pay for what they buy.

Pay Attention to Internal Processes

Another way to address the question of “why have procedures?” is to use the analogy between procedures and other controlled documentation such as a manufacturing Bill of Materials. Manufacturing companies need a very controlled Bill of Materials because they want to ensure that every product has all the right parts assembled into it. They don’t leave it to chance, and they don’t want just anyone to be able to make changes, allow substitutions, etc; Such unregulated activities could have a severe impact on product quality and customer satisfaction.

Aren’t there internal processes going on in your organization right now that deserve similar attention? Shouldn’t they be documented just as carefully and with as much control as a Bill of Materials? Procedures play that role, and they should be developed with similar care and diligence as a Bill of Materials, as well as be under the same type of document control.

Policies and Procedures Overhead

Large organizations have a large number of procedures. They have a lot of staff, business operations, and economy of scale to make their procedures work. Smaller businesses should remember — the more business procedures you write, the more business procedures you have to edit, implement, train, audit, and review. More procedures may also produce more audit findings in addition to more updates, more documents to control, and more administration overhead.

Many companies fail to plan for this administration and procedure overhead, so it should come as no surprise that their procedures don’t work as well as expected. Every procedure becomes outdated, eventually. Also, due to infrequent maintenance and use, some procedures are overlooked when it’s time to update them. This can result in repeated procedure audit findings or, worse, repeated waste, fraud, and abuse which the procedures were intended to reduce.

The lean thinking solution is (a) to write only procedures that you absolutely have to write to conform to requirements and (b) to improve your training program to build competent and skilled employees instead of writing procedures you don’t have the time or budget to maintain.