The procedures outlined in this document support SPG 601.35, Development of University Policy. Audit Services has exclusive ability to add, change, or delete content to the Standard Practice Guide (SPG) policies and organization charts. To maintain the integrity of the Standard Practice Guide, Audit Services is responsible for coordinating publication of the Standard Practice Guide and organization charts in final form and for ongoing maintenance of the SPG website.
A. New Policy Development
The development of new policy should include the following steps:
- Assess the need for the policy and ensure the subject matter of the policy is broadly applicable to a large segment of the university.
- Assess any implications of the proposed policy, including cost and resource requirements.
- Make use of subject matter experts and drafting experts to develop the policy.
- Consider and develop materials needed to both enable and inform the operation of the policy:
- enabling documents: procedures, forms, delegations of authority, business processes
- informing documents: guidelines, FAQs, templates
- develop a communications and implementation plan before final approval
- Where appropriate, provide university members relevant to the policy’s subject matter an opportunity to review and comment on policy before final approval.
- Once Finalized, the executive officer(s) or delegate(s) (i.e., Policy Approver) should email their approval along with an electronic copy of the revised SPG to [email protected]. Once the electronic copy is received, Audit Services will update the Standard Practice Guide. The electronic copy and approval are retained permanently.
- It is the responsibility of the issuing office to make the university community aware of new or changed policy. It should also be determined how compliance is going to be monitored as appropriate.
B. Policy Review/Change
The university official(s) charged with the responsibility for implementing and/or updating university policies in their area is the policy owner(s). At least every five years, it is the responsibility of the policy owner(s) to review and update policies when necessary. Joint policy owners should determine responsibility for leading the review and update process to ensure policies remain up to date. Once a year, Audit Services will send a copy of the policies scheduled to be reviewed in that year as well as any overdue to the policy owner(s). Each policy includes a “Next Review Date” and remains in effect even if the review date is past.
- Major or substantive revisions to an existing policy must be treated the same as new policies, and will undergo the development and approval process described in Section A of this procedure. This will advance the next review date 5 years from the date of approval.
- If no changes or minor revisions are made when a policy is reviewed, the policy approver should send an email along with an electronic copy of the revised SPG to [email protected]. This will advance the next review date 5 years from the date of approval.
- The policy owner(s) can and should make minor revisions that do not change the substance of a policy (e.g., changing links, updating primary contact, changing references to other policies or documents, changing position titles). These types of changes can be made by the policy owner without the involvement of the policy approver. However, this will not advance the next review date.
To increase awareness across university units, policy owners should provide a brief summary of the changes made or indicate that no changes were made in the Notes section at the bottom with each update.
C. Decommissioning an Existing Policy
Policy owners may decommission a policy when it is no longer applicable or is more effectively combined with another policy.
- The policy owner(s) should send a written request to remove the policy along with the written approval of the appropriate executive officer(s) or delegate to [email protected].
- Once the request for deletion has been received, Audit Services will review the deleted section for potential effects of the removed policy on internal controls and other Standard Practice Guide policies. The decommissioned policy is then deleted from the Standard Practice Guide. A copy of the written request and approval are retained permanently.
D. Organization Charts
Executive officers or their delegates are responsible for ensuring that organization charts for their area are reviewed annually and updated as necessary. Each fall, the Office of Audit Services coordinates the update of the organization charts. Once the appropriate executive officer or his or her delegate reviews and approves edits to the charts, the updated charts are returned to Audit Services, and new charts are posted to the SPG website.