James A. Nortz, the senior compliance lawyer for Kraton Polymers, offers his views in the ACC Docket, Vol. 24, Oct. 2006 at 112, on the role of the legal department with regard to corporate policy statements. He recommends five steps the department must take to put the company’s policies to work.
First completely inventory your company’s policies and “keep only those that are truly essential for running your business.” That sounds simple but I suspect it drags a law department into a morass of corporate sensitivities and viewpoints.
Second, Nortz recommends that the law department organize the final list of policies into segmented groups. For example policies applicable to all employees would be gathered together. Again, this sounds easy, but given enough policies it could be quite difficult to create a taxonomy.
Third, put the policies on the corporate intranet site with hyperlinks so that an employee can click on the link and read the policy. Sure, a intranet site and easy-to-use uploading, etc.
As a fourth step, senior management needs to stress the importance of the policies.
Finally, Nortz would require all managers to sit with their employees and help them identify and understand all applicable policies. He would have all employees certify that they have read and understood the policies. Note that someone must track this whole administrative process. To top it off, Nortz says that the company’s audit team must routinely check on compliance with all these steps and hold people accountable.
Admirable steps and policies, even if probably too extensive for real life, my point is that these administrative steps should not be loaded on the law department.