As standard, Policy Manager has two statuses that policies can be moved between: Draft and Distribution.
The application works perfectly well with these; however, it's possible to set up an approval process and add two additional statuses between Draft and Distribution.
This is an optional feature and does not need to be used unless it's relevant to your team.
Setting up an approval process
Policy Application administrators can add and manage the two extra approval statuses from the admin side via Applications > Admin > Policy Manager > Status details.
Please note: The two statuses after the Distribution status can be used, but are not part of the approval process and can instead be used as extra archiving review stages.
1. Create new approval statuses
- Consider what you want the approval steps to be between Draft and Distribution.
- Check the box in line with the row to make the fields editable.
- Once you're happy with your new statuses, click Submit to save them.
2. Update permissions across policies
Now that the new approval stages exist, they can be applied to policies created as new or being edited.
Users need to be given permissions to the new statuses to allow them to see and move policies between them.
- Default policy permissions
First, the most important place to update this is in the Default Policy Permissions on the admin side by an administrator. These permissions will then pull through to every new policy automatically, unless the policy creator changes them.
On the admin side, you'll see the corresponding permission listed for each new status.
Your administrators must ensure that the appropriate users, roles, or groups are assigned these new rights and that the configuration is saved.
Doing so ensures that all new policies added from this point onward automatically inherit these permissions and therefore have users who can move them through the approval process as required.
- What to do for pre-existing policies
It may be acceptable for all new policies going forward to move through these statuses, with existing policies excluded.
However, if you want existing policies to be included, the new status permission will also need to be granted to the relevant users, roles, or groups.
There is no bulk policy permission update function; instead, these updates are manually applied per policy.
Administrators of Policy Manager or users with Edit policy permission can edit each policy and update its permissions to include users, roles, or groups in the new status permissions.
Once applied, existing policies can be edited and moved through the statuses as needed by users who have the corresponding permissions.
How the process works in practice
1. When a new policy is created (or edited), the new statuses are available to put it in.
2. Users with the appropriate permission will be prompted to Accept/Reject the policy in its current status.
3. Once a policy is put into an approval status, users with the appropriate permission for that status are notified and asked to approve or reject it. The notification format depends on each user's preferences.
4. In the policy, users can accept or reject it and may leave a comment. A comment is required when rejecting the policy.
5. Administrators can check to see that all approvals have been given from the Approval History tab or the Approval Status button on the top right when in a policy. After which, they can move the policy to the next stage.
A reminder can be sent to those who have not yet responded from the Approval Status area.
6. Repeat for the next approval status until the policy is moved to Distribution, or back to Draft.
