Show TOC

Procedure documentationCreating a Policy Locate this document in the navigation structure

 

Policies are principles, rules, and guidelines formulated or adopted by an organization to reach its long-term goals.

Example Example

A Global Travel Policy is one example of a business policy. The goal might be to reduce costs and increase efficiency by mandating that everyone in the company adhere to this policy.

End of the example.

Prerequisites

You must create a policy group before you can create a policy.

Procedure

  1. Choose   Master Data   Regulations and Policies   Policies  

  2. Choose the Policy Group where you want to add the policy.

  3. Choose   Create   Policy  

  4. Select a Policy Object Type and choose OK.

    Note Note

    The Policy Object Types are configured during the Customizing activity Maintain Policy Types and Distribution Methods under   Governance, Risk, and Compliance   Common Component Settings   Policy Management  .

    End of the note.

  5. Complete the fields on the General tab.

    Policy — General tab

    Field Name

    Description

    Name (required)

    Create a distinctive policy name.

    Description (optional)

    Enter information to tell users the contents of the policy.

    Distribution Methods (required)

    Select Acknowledgement, Quiz or Survey. If you choose Quiz or Survey, you must specify a template from the Survey Library. An e-mail is sent to the recipients with a PDF attachment, showing the required actions.

    Purpose (required)

    State the reason for the policy.

    Policy Category (optional)

    Select the categories this policy belongs to.

    Date (optional)

    Enter the date.

    Assignment Method (optional)

    Select Assign Directly, Inherited, Localized, or Superseded.

    Responsible Organization (required)

    Enter the organization responsible for the policy.

    Created by (optional)

    The default is the person who created the policy.

    Created On (optional)

    The default is today's date.

    Valid From (required)

    Enter the first date of effectiveness for the policy.

    Valid To (required)

    Enter the last day of effectiveness for the policy.

    Date for Next Revision (optional)

    Enter the date for the next revision. This date must be between the Valid From and Valid To dates.

    Note (optional)

    Enter any material that might be helpful to approvers or reviewers.

  6. Select the Policy Document tab. Attach the actual policy documents (word files, excel files, images) that contain the written policy. The policy documents may reside in SAP Document Management Systems (DMS) or you may include links to documents residing in external DMSl.

  7. Select the Policy Scope tab.

    You document who is in scope and subject to the policy. You may also explicitly specify who is excluded from the scope of this policy. Define which Organizations, Processes (contained in the Organization), Activities, People (can be roles, user groups, or specific users) or Exclusions you want to identify (text field). This is who receives the policy when it is published.

  8. Select the Risks tab.

    This is the risk associated with the nonadherence to the policy. If the company is not compliant with the policy, this is the risk that could occur.

  9. Select the Controls tab.

    Assign the controls or indirect entity-level controls that pertain to the policy.

  10. Select the Policy Sources tab.

    Specify the sources or the reasons and motivations behind the creation of the policy. There are defaults choices provided. Add or remove sources as needed.

    Note Note

    The Policy Sources are configured during the Customizing activity Maintain Policy Source Categories under   Governance, Risk, and Compliance   Common Component Settings   Policy Management  .

    End of the note.

  11. Select the Issues tab.

    If there are any ad hoc issues related to this policy that need to be addressed, they will be displayed in this tab.

  12. On the Roles tab you can assign users to individual roles (such as Policy Owner, Policy Approver and Policy Reviewer), as well as replace or remove them. To assign a user, select the line of the role to which you want to assign a user. Then choose Assign. In the dialog box then displayed, you can search for and select the user to be assigned to this role. You can assign multiple approvers and reviewers.

  13. Select the Review and Approval tab to view the status or the approvals. If you did not assign specific reviewers or approvers, the Default Approvers (usually the Organization Owner — the owner of the organization specified in the Policy Scope tab) are asked to approve the policy.

  14. Choose Save.

  15. Decide if you can immediately Submit for Approval or if you need to Send for Review.

More Information