Board of Directors use policy to communicate the permissions, limitations and standards of behavior for the Chief Executive Officer or Executive Director. This tool allows the Board to manage risks within the organization without requiring “hands on” attention. Any activities not covered by policy, or not allowed by policy will be automatically routed back to the Board of Directors for consideration.
Policies should reflect the current activities of the organization to allow the management team to operate efficiently, ie. having appropriate authority to make operational decisions, and effectively, ie. risks are properly mitigated and monitored.
For organizations that are stable, typically policy is reviewed on a regular cycle, perhaps every 3 to 5 years. For organizations that are just starting up, or have operations that are changing significantly, policies may need to be created or reviewed more frequently to manage those changes. Changes to policy can also be triggered by external sources, such as changes in laws and regulations. The number of policies you might have is a function of the complexity of your operations.
Every person applies judgement differently and maintaining a well written, concise policy communicates the expectations to all parties. Effective policies allow organizations to use resources efficiently while striving to meet objectives and strategic plans.