What is your Policy

In a recent post I suggested that it may be time to revisit the policies of the company and take the procedures documents out of the boardroom.

EIOPA’s Guidelines on the System of Governance recommends four key elements in any policy:

  1. a) Goals pursued by the policy
  2. b) Tasks to be performed and Roles Responsible
  3. c) Processes and Reporting Procedures
  4. d) Obligation to keep Key Functions informed

The Company policy is set in a) above, the other headings are about implementation. These implementation elements are of course important but can overshadow the Policy which should be directional and should be short and concise.

Focusing therefore on the actual ‘Policy’ and limiting it to a single page description, there is an opportunity for the Board to provide real direction to the Company.

An example of this approach for a Company’s Outsourcing Policy, documented on a single page, is as follows:


ABC Company dac – Outsourcing Policy

“It is the policy of ABC Company dac (“the Company”) to source services from third parties where, and only where:

  • The service is of a nature which is technically complex and can be sourced more efficiently from a specialist firm; or
  • The Company can access demonstrable economies of scale through outsourcing the service; or
  • The service is required for a finite period which doesn’t merit the cost of building internal capability.

Where there is a justified case for outsourcing a service the following minimum requirements must be fulfilled:

  • The service to be outsourced, together with the provider responsibilities, must be clearly and concisely defined, with associated SLA’s documented to aid ongoing monitoring;
  • Tendering for the service must be completed in accordance with the Board Procurement Policy;
  • Financial and reputational due diligence must be carried out and documented before contracting;
  • The Outsourcing Contract must be approved by Company Counsel and must comply with the requirements of the CBI Outsourcing Guidelines;
  • An outsource governance model must be defined for each arrangement and must include reporting to the Board on SLA performance metrics at least annually and more frequently where considered necessary.

The outsourcing of the service, and the particular outsourcing arrangement, must be reviewed by the Board at least every three years.


August 2020

To discuss any of your Governance needs call Governance Matters on +353 (0)87 6408750 or email your query to info@governancematters.ie