Organizational Memory
Policies card, MethodKit for Memory & Reminiscence
Card 45 of 66 · MethodKit for Memory & Reminiscence
  • ThemeGovernance, Legal & Risk
  • CardCard 45 of 66
  • Questions5 to explore
Governance, Legal & Risk

Policies

Rules & guidelines within the organization

Policies are only useful if people can find them, understand them, and trust that they are current.

Most organizations accumulate policies over time, often in response to a specific incident or a legal requirement. The result is a collection of documents written at different times in different styles, stored in different places, and reviewed by almost nobody. That is not a policy library; it is an archive.

What actually helps is a small set of clear, current policies that cover the things people genuinely need guidance on: how expenses work, what is acceptable use of company systems, how complaints are handled, what the code of conduct is. Each one should have an owner who reviews it periodically and a place where employees know to look.

Policies also need to match the organization's actual size and maturity. A five-page data retention policy that nobody reads is less useful than a one-page note that people can actually follow.

What to capture

For this part of the company brain, what is worth writing down and keeping current. The goal is not a complete archive but a living record that new people can read and returning people can trust.

Policy register

A list of all active policies, where each one lives, who owns it, and when it was last reviewed.

Employee-facing policies

The policies staff are expected to know and follow, including anything required by employment law, and how they are communicated to new joiners.

Review schedule

When each policy was last updated and when it is next due for review, linked to any regulatory requirement that drives that cycle.

Policy gaps

Areas where the organization is operating without a documented policy despite a genuine need for one, and the reason those gaps exist.

Questions to explore

Use these on your own or in a group. There are no right answers, only better conversations.

  1. If an employee needed to know the company's policy on something, where would they go to find it?

  2. Which policies have not been reviewed in more than two years?

  3. Are there areas of real risk or frequent questions where no written policy exists?

  4. Do policies reflect how the organization actually operates, or do they describe a version of the organization that no longer exists?

  5. Who is responsible for keeping policies current, and do they have time to do it?

Things to notice

  • Policies stored in a platform that most employees never log into effectively do not exist from a practical standpoint.
  • Policies that were written for a much larger or more formal organization often get imported unchanged into smaller ones, where they create confusion and are quietly ignored.
  • A policy without an owner has no one to update it when circumstances change, which means it gradually becomes inaccurate rather than useful.