We’ve just launched new features to help you work smarter!
Check them now!
Prefer to speak to us about our approach to feedback on policies? Book a short call with one of our team to get answers to your questions.
Policies and controlled documents play a vital role in your organisation’s governance, risk, and compliance (GRC) strategy. In this article, we discuss Policy Feedback, a crucial part of the Policy Management Lifecycle.
This series explores the key considerations at each stage of the policy lifecycle.
Prefer video? No problem, watch a short video on Policy Feedback instead.
Policies evolve. Your organisation changes, regulations shift, and the way people work keeps moving. Without a proper feedback loop, policies risk becoming outdated, unclear or ignored.
We often see organisations focus heavily on writing and approval but invest less energy in what happens once a policy goes live.
Here’s how to collect and manage policy feedback the right way to support good governance and build trust in your policies.
Different types of feedback require different responses. Your process needs to support a range of situations, while providing a single, clear entry point for employees.
Clarification
An employee does not understand a section of the policy and needs it explained, or the wording introduces ambiguity that needs to be addressed.
Business Change
An internal change means the policy no longer reflects how you operate. This might be due to a new system, service, or way of working.
Regulatory Change
An external requirement has changed, meaning the policy needs to be updated to remain compliant.
Non-conformity
An employee has not followed the policy. This feedback highlights where that happened. It may trigger a policy review rather than escalation with the individual.
Exception
The policy was not followed for a valid reason. This provides context and allows for risk-based judgement.
Once feedback is submitted, it should be routed to the relevant policy owner for review. In some organisations, this may also include notifying the quality team or designated approvers, depending on the nature of the feedback. Not all feedback will result in immediate action, but every submission should be acknowledged, assessed and tracked.
For clarifications, formatting updates and other minor issues, a non-material change can be made without triggering the full approval process. These changes should still create an audit trail but do not require sign-off from management, boards or committees.
Where more significant changes are needed, the policy must follow the standard review and approval process defined for that policy.
If the changes are not time-critical, they can be deferred and included as part of the policy’s scheduled anniversary review.
Collecting feedback is not just about capturing comments. You need a structured process that supports governance, traceability and action.
Feedback Must Be Given in Context
Staff should be able to provide feedback while reading the policy, not through a separate channel. This ensures feedback is directly linked to the relevant policy.
Feedback Must Be Logged
You need a clear record of what was said, by whom, and when.
Feedback Must Reach The Right People
Policy owners need to review and respond to feedback. At the same time, your quality or compliance lead needs visibility across all policies.
Not All Feedback Will Be Actioned Immediately
Some comments can be reviewed at the policy’s next scheduled anniversary.
Where Immediate Action Is Needed
Policies will either be republished with a non-material change or go through the formal approval process, depending on the nature of the update.
When we start thinking about the solution, it's important to consider what information needs to be captured, and what actions need to be taken in response to that feedback.
Let’s start by looking at the core data you need to capture:
Actioning Information
You also need to consider how the right person or people will be informed when feedback is submitted.
Optionally, you may also choose to notify the person who submitted the feedback once it has been reviewed or actioned.
Given this context, let’s look at the options available within Microsoft 365.
There are several ways to collect feedback using Microsoft 365 tools. The right choice depends on how integrated, scalable and manageable your process needs to be.
Microsoft Forms
A quick and simple option, ideal for light-touch feedback or early-stage testing. However, Forms sit outside of SharePoint, so feedback is disconnected, lacks context, and can be harder to manage centrally or link back to specific documents – relying on users to tie the feedback to the policy.
Microsoft Lists
More structured and trackable. Lists allow you to standardise fields such as policy name, feedback type, and status. This gives you a centralised view but still requires users to link to the policy to submit feedback — which can reduce participation and weaken the connection between the feedback and the policy content.
Power Apps
The most integrated and user-friendly option. Feedback is submitted directly alongside the policy, making it easy for staff to provide input without switching systems or losing context. It is then automatically routed, tracked, and status-managed.
In Policy Express, we’ve built a tailored Power App that lets users see the policy and submit structured feedback on a single screen. Feedback can be prioritised, categorised, and even linked to attachments where needed, while ensuring auditability and ownership at every step.
Example: Feedback panel sits alongside the policy, keeping context clear and input structured.
Managing policies can be a complex and time-consuming task for quality managers and policy administrators. Policy Express solves these familiar challenges, all within Microsoft 365:
Policy Express is a fixed-fee solution and operates entirely within your tenant, ensuring data security and eliminating dependency on external services.
Discover how Policy Express can simplify your policy management – Find out more or book a Discovery Call.
See how Policy Express can streamline your policy creation process and enhance your governance framework in this short explainer video.
