The mismanagement of policies has grown exponentially within organizations with the proliferation of collaboration and document sharing software such as Microsoft SharePoint. These solutions to their credit as well as downfall enable anyone to post a policy. Organizations end up with policies scattered on dozens of different internal Web sites and file shares, with no defined audit trails or accountability for them. This produces policies that are written poorly, out of sync, out of date, and with no evidence of how the policy was communicated, read, and understood.
Collaboration software such as SharePoint is a great tool for managing and sharing non-sensitive documents in a very general way — such as wikis, blogs, Web content, and documents usually shared among a specific group. While collaboration and document-sharing software like SharePoint appears easy and cheap to implement, the reality is that the cost to the organization is significant in the liability and exposure of ineffective policy management. Many organizations have decided to take that path only to find that it is neither intuitive nor appropriate for policy management.
There are strict compliance and legal requirements that must be instituted when managing policies — requirements that a build-your-own policy management system makes difficult to achieve, and come at a significant cost to the organization. Some organizations feel that they could accomplish at least some of the necessary features, requiring significant development effort to achieve an appropriate and effective policy management environment. The cost actually exceeds the cost of purchasing a policy and procedure management (PPM) software platform. Add ongoing maintenance and support of a build-your-own policy management system, and the costs grow higher.