Why Policy Management Fails

Part 2

Getting employees to read, understand and, more importantly, adopt workplace policies is a huge organisational challenge. HR departments can no longer rely on employees to browse the employee handbook or the corporate intranet. In time-pressured jobs, policy compliance just doesn’t rank above operational delivery.

Too often line managers have neither the information to assess the gap between policy theory and practice nor the tools to do something about it.

Unless there is a strong culture of compliance, or people are aware that a failure to comply with the policy management process will affect them directly, only cursory attention is paid to the compliance process. Kieran Poynter, in his review of information security at HM Revenue and Customs, clearly upheld this opinion following the major data breach at HMRC. He concluded that, "The lack of accessibility to security policy and failure to deliver its messages has resulted in few HMRC staff understanding the department’s policies and procedures around information security. Indeed, a large number of interviewees were completely unaware of the existence of ….. policies and guidance contained therein."

Report Findings from Poynter Review (June 2008)

  Institutional Factors that affected Governance at HMRC
   - Weakness in policies
   - Inadequate awareness, communication and training
   - Lack of clarity around governance and accountability