All policies
14 policies across 6 categories — filter by category and status to find what you need.
CategoryAllSecurityHRPrivacyOperationsFinancialGovernance
StatusAllPublishedIn reviewDraftRetired
| Code | Title | Category | Status | Owner | Version | Next review |
|---|---|---|---|---|---|---|
| POL-FN-001 | Financial Authorization Matrix Tiered spend limits, dual-control thresholds, and signing authority for purchases, contracts, and disbursements. | Financial | Published | CFO | v4.3 | 1/1/2027 |
| POL-GV-001 | Quality Manual Top-level governance document defining the quality management system, scope, and process interactions. | Governance | Published | Quality Manager | v6.1 | 3/20/2026⚠ |
| POL-HR-001 | Code of Conduct The company's core ethics charter — anti-harassment, conflicts of interest, gifts, and whistleblower protections. | HR | Published | VP People | v5.0 | 7/1/2026 |
| POL-HR-002 | Background Check Policy Defines the screening required for employees, contractors, and elevated-access roles prior to start. | HR | Published | VP People | v1.6 | 10/15/2025⚠ |
| POL-IS-001 | Information Security Policy Top-level security policy defining the company's commitment to confidentiality, integrity, and availability of information assets. | Security | Published | CISO | v3.2 | 1/15/2027 |
| POL-IS-002 | Acceptable Use Policy Defines permitted and prohibited use of company systems, devices, networks, and data by all personnel. | Security | Published | CISO | v2.4 | 11/1/2026 |
| POL-IS-003 | Data Classification Policy Establishes the four-tier classification scheme (Public, Internal, Confidential, Restricted) and corresponding handling controls. | Security | In review | CISO | v1.9 | 4/22/2026⚠ |
| POL-IS-004 | Incident Response Policy Defines roles, severity tiers, communication plans, and recovery objectives for security incidents. | Security | Published | CISO | v2.7 | 8/5/2026 |
| POL-IS-005 | Access Control Policy Mandates least-privilege access provisioning, periodic recertification, and joiner/mover/leaver workflows. | Security | Published | CISO | v4.1 | 12/1/2026 |
| POL-IS-006 | Vendor Risk Management Policy Establishes the lifecycle for evaluating, onboarding, monitoring, and offboarding third-party vendors. | Security | Draft | VP IT | v0.9 | 6/1/2027 |
| POL-OP-001 | Business Continuity Policy Establishes the business impact analysis, recovery objectives, and crisis-management structure. | Operations | Published | COO | v2.2 | 5/12/2026 |
| POL-OP-002 | Change Management Policy Governs how production changes are proposed, reviewed, approved, deployed, and rolled back. | Operations | Published | VP Engineering | v3.0 | 2/1/2027 |
| POL-PR-001 | Privacy Policy Internal privacy policy describing how personal data is collected, processed, stored, and shared by the company. | Privacy | Published | General Counsel | v3.5 | 9/15/2026 |
| POL-PR-002 | Records Retention Policy Defines retention periods, legal holds, and disposal requirements for company records by category. | Privacy | In review | General Counsel | v2.1 | 6/30/2025⚠ |