Policy management is the foundation of all governance, risk and compliance activities, but most often it is one of the least structured processes within an organization. Policy, done right, can articulate corporate culture and the boundaries of individual and business behavior, especially as it relates to risk responsibility, legal and regulatory requirements, contracts and commitments, and codes of conducts. Done poorly, organizations find their resources consumed with lawsuits, fines, quality control issues and rework, and potential loss of business. 

FileVision's Policy Management Solution empowers your organization to implement consistent, efficient and sustainable processes for managing the lifecycle of corporate policies and procedures and demonstrating compliance. Automate, measure, validate and report at every step of your governance and compliance initiatives, whether within individual departments, business units or branches or organization-wide, ultimately reducing risks and costs while increasing transparency.

  • Securely manage all policies and procedures in a single location
  • Create, Modify, Approve, Distribute
  • Link policies and procedures to the sources - the 'why's'
  • Assure acknowledgement and comprehension through quizzes, surveys, and e-signatures
  • Track and report the status of each policy and intended audience - who has acknowledged which policy, and which policies haven't been acknowledged by whom
  • Demonstrate compliance through every phase, including historically for regulatory and incident management
  • Affordable and scalable for small and medium sized organizations to large enterprises
  • MS Word Integration
Developed on FileVision's unique ALFO platform links people, processes, documents, data and assets, FileVision's Policy Management suite can be delivered on-premise or SaaS.

  • Centralize and normalize your organizational policies, using automated workflow to ensure proper review and approval
  • Use your existing policy and procedure content or choose from our policy library
  • Rationalize policies and procedures by mapping them to organization objectives and the sources that govern your business, whether regulatory, statutory or voluntary.
  • Communicate new and updated policies across your enterprise through user-specific dashboards and email notifications that are relevant to specific roles, departments and functions.
  • Demonstrate policy awareness and understanding through targeted comprehension assessments and attestations.
  • Initiate and manage requests for policy exceptions automatically using built-in workflow and alert notifications.
Immediately search and report by employee (contractor, supplier, etc.): which current policy documents have they acknowledged and which have they not, and by policy document: who has not acknowledged the most current version.


The first step in arriving at a consistent, sustainable process for policy management is to consolidate and centralize. The breadth and depth of the voluminous increase in laws and regulations that describe acceptable organizational practices are in sharp contrast with the less than adequate attention paid to responsible policy management.

Organizations create new policies and modify existing policies with regularity. This requires a defined process for writing the policy and going through stages of policy draft approval and review, so that the policy can be published. Teams are linked together with stakeholders through a centralized platform that enables a complete view of policy drivers, environmental changes, and policy goals. Centralized access to existing polices and content management tools help ensure standard formats and language across policies. Audit trails and versioning keep a complete history of the policy throughout its stages, while alerts and notifications keep policy creation on track.
  • Centralize existing policies, standards and control procedures, establishing the foundation for risk monitoring and compliance measurement activities.
  • Supports version control, change submissions, e-signatures, and annotations with full audit trail
  • Fully secured by user and groups
  • Create or import policy documents or utilize templates from the extensive policy library.


Policies and procedures should be linked to the regulation, contract, internal directives or particular source from which the policy derives. Rationalization is the 'why', and provides the internal structure for truly managing policies and procedures rather than just grouping and storing them. As regulations change and new sources require new policies, staff can immediately go to the corresponding policy or procedure to effect the necessary changes.

In a similar way, rationalization includes establishing ownership of the policies and procedures. Who, either by person, title or role, is responsible for ensuring that conduct relating to specific regulations or other sources is clearly defined?

  • Link Policies and Procedures to organization objectives and the sources that govern your business
  • Eliminate outdated and orphan policies
  • Clearly establish responsibility and accountability of organizational directives, statutory requirements and contractual obligations.


Once a specific policy has been written and approved it must be communicated. This communication process is actually 2 way. The organization must communicate the policy in a clear, easily accessible manner to all affected parties whether employees, suppliers or contractors. The individual must then communicate her understanding and acceptance of the policy securely and unambiguously.

As new policies, or changes to existing policies take effect, FileVision provides an automated mechanism for securely delivering them to the appropriate individuals. Notices and reminders are sent and tracked so that the status can be monitored and managed through attestation. Or, as in the case of new employees, contractors, suppliers and the like, all relevant policies for an individual (or group or company) can be identified and sent as links to be read. In addition, individuals can always have easy access to those policies that relate to them for review.
  • Publish using both targeted "push" and on demand "pull"
  • Deliver surveys, quizzes and tests to assure understanding of policies and expected behaviors
  • Securely, unambiguously capture attestations indicating understanding and acceptance of the policy


Policies are the very backbone of any compliance issue or initiative. Demonstrating compliance for an organization requires policy management. Often the primary characteristic determining liability of an organization vs liability of an individual associated with the organization is the existence within the organization of a well implemented policy management system for compliance.

Every policy and version of a policy is archived for referral at a later point in time. When an organization becomes aware of an incident, or a regulator has a question, it is necessary to have a full view into the accountability history of a policy - the owner, who read it, who was trained, and who attested and on what version of the policy at a particular date in the past.
  • Prove attestation at specific points in time
  • Respond with confidence to executive management, external audit and regulators
  • Eliminate the risk of unread, unattested policies

Want to learn more? Please send us a request for information or contact us at 770-551-1400