Course Content
Reviewing existing policies
1.1 Identify existing policies in the organisation 1.2 Analyse existing policies according to organisational procedures 1.3 Evaluate improvement needs and opportunities 1.4 Consult with relevant stakeholders and confirm need for new policy development
Establish the need for policy development
2.1 Identify internal and external factors likely to cause changes to organisation policy 2.2 Consult with relevant stakeholders and document impacts of factors identified 2.3 Analyse need for new policy against internal and external environment and existing policies 2.4 Identify and recommend to relevant stakeholders priority areas for policy development according to organisational procedures 2.5 Identify and analyse associated issues and risks likely to impact policy development 2.6 Implement risk management processes
Prepare for and develop policy
3.1 Identify type of information required to develop policy 3.2 Outline policy requirements according to organisational procedures 3.3 Develop an analytical framework for the development of policy 3.4 Source, analyse and apply relevant information to support policy development according to organisational policies and procedures 3.5 Develop, consult with and recommend to relevant stakeholders a range of policy options and assessment criteria 3.6 Obtain approvals from stakeholders according to the policy development plan and organisational policies and procedures 3.7 Draft policy according to consultations, feedback and organisational policies and procedures 3.8 Facilitate agreement to policy via organisational channels and relevant stakeholders
Release and review policy development processes and policy
4.1 Communicate with relevant stakeholders responsible for implementing new policy 4.2 Facilitate discussion and manage dissenting stakeholders 4.3 Release and promote the policy according to organisational requirements 4.4 Seek feedback and respond to relevant stakeholders for future improvements for policy development
BSBSTR503 Develop organisational policy
About Lesson

Policy guides everything from individual behaviour, to the direction that an organisation will take. So it’s no surprise that risk management plays a large part in the process of policy development. For example, an organisations social media policy must be careful to reduce the threats and risks associated with employees using social media, whilst upholding their individual rights to access and use personal platforms. The risks associated with this range from contravening the rights of an individual, through to major reputational risk if a social media post was to impact the organisation.

A conventional risk management process follows four steps. These are outlined in more detail in your learner guide, but essentially, there’ll be a need to identify potential risks associated with a given policy. Then you will need to assess the risk in terms of the likelihood of it occurring, and the impact that it will have should it do so.

You can then move through each of the risks you’ve identified and rated, and select appropriate treatments for each. This can include avoiding the risk altogether, through to accepting the risk if the rating is low enough.

The fourth and final step is to monitor the risks after the policy is implemented. This is to ensure you’ve thought of all the contingencies and have appropriate plans in place to deal with anything that may arise once people start applying the policy.