Policy Management is the creation, approval, organization and dissemination of all policy and procedure documents (and tracking whether members of your organization have actually viewed the documents).

Governance, Risk Management and Compliance (GRC) policies and procedures literally define your business and its priorities. Some are required by law, others by your operations, but each one is important and should be carefully managed. To truly be effective, policies should be centralized, automated and integrated into a comprehensive ethics and compliance program.

Prerequisite	Defined requirements required prior to 3P (Process, Policy, Procedure)
Purpose	A regulation, or set of guidelines with overall direction
Policy	A rule for all individuals accessing and using an organization's IT assets and resources
Process	A series or set of activities that interact to produce a result to ensure compliance with a policy
Procedure	The specific, detailed series of actions that must be taken (as part of a process)
Plan	Assigned to specific individual, role or contractor, vendor or third party
Performance	Measurement of any/all

Policy, Process and Procedure and Plan Rationale 

Why is process documentation important? 

Documentation plays a critical role when you are creating a new process or refining an existing one. Writing it down in a document takes the guesswork out of the equation and keeps your processes aligned with your organization’s goals. If you don’t have clearly documented processes, stakeholders will find it extremely difficult to understand their roles in executing a task.

Process documentation helps you with:

• Consistency: When you have process steps outlined in a document, your tasks will be performed more uniformly. Even when multiple stakeholders collaborate on a single task, you can ensure consistency by having clear process documentation.
   
• Structure: Process documentation brings structure to your tasks. Your employees will have a clear idea of what to do first and what to do last. They can also identify their place in the overall process and understand their roles without any doubt.
   
• Operational clarity: Employees are likely to hit roadblocks when performing some tasks. With process documentation, they have a written document to fall back on and refer to whenever required. This helps with the successful completion of critical tasks.