166 lines
4.2 KiB
Markdown
166 lines
4.2 KiB
Markdown
# Policy Repository
|
|
|
|
This directory contains the controlled policy, procedure, standard, guideline, form, exception, and evidence records for the Kell Creations platform.
|
|
|
|
## Purpose
|
|
|
|
The purpose of this repository structure is to provide a controlled, auditable, and maintainable lifecycle for business policies and supporting governance records.
|
|
|
|
This repository supports:
|
|
|
|
- document creation
|
|
- review and approval
|
|
- publication to active status
|
|
- version control
|
|
- retirement of superseded documents
|
|
- retention of approval and retirement evidence
|
|
|
|
## Repository Structure
|
|
|
|
### `active/`
|
|
Contains approved documents that are currently in force.
|
|
|
|
### `drafts/`
|
|
Contains documents being authored or revised before formal review.
|
|
|
|
### `review/`
|
|
Contains documents that are under formal review and awaiting approval, rejection, or revision.
|
|
|
|
### `retired/`
|
|
Contains documents that are no longer active because they were superseded, withdrawn, or retired.
|
|
|
|
### `templates/`
|
|
Contains approved starter templates for controlled documents.
|
|
|
|
### `register/`
|
|
Contains the master document register and supporting control logs.
|
|
|
|
### `evidence/`
|
|
Contains approval records, review records, exceptions, and retirement evidence.
|
|
|
|
## Lifecycle Model
|
|
|
|
Controlled documents move through the following lifecycle:
|
|
|
|
1. Draft
|
|
2. Review
|
|
3. Active
|
|
4. Superseded or Revised
|
|
5. Retired
|
|
|
|
Documents should not skip lifecycle stages without documented approval.
|
|
|
|
## Document Types
|
|
|
|
The following document types are supported:
|
|
|
|
- Policy
|
|
- Procedure
|
|
- Standard
|
|
- Guideline
|
|
- Form
|
|
- Exception
|
|
|
|
## Naming Convention
|
|
|
|
Documents should follow this pattern:
|
|
|
|
`KC-<TYPE>-<DOMAIN>-<NUMBER>-<short-title>.md`
|
|
|
|
Examples:
|
|
|
|
- `KC-POL-GOV-001-document-control-policy.md`
|
|
- `KC-PRO-GOV-001-policy-review-and-retirement-procedure.md`
|
|
- `KC-STD-MKT-001-social-media-publishing-standard.md`
|
|
|
|
### Type codes
|
|
|
|
- `POL` = Policy
|
|
- `PRO` = Procedure
|
|
- `STD` = Standard
|
|
- `GLD` = Guideline
|
|
- `FRM` = Form
|
|
- `EXC` = Exception
|
|
|
|
### Domain codes
|
|
|
|
- `GOV` = Governance
|
|
- `OPS` = Operations
|
|
- `ECM` = Ecommerce
|
|
- `MKT` = Marketing
|
|
- `MFG` = Manufacturing
|
|
- `FIN` = Finance
|
|
- `IT` = Information Technology
|
|
- `SEC` = Security
|
|
- `PRV` = Privacy
|
|
|
|
## Required Metadata
|
|
|
|
All controlled documents must begin with YAML front matter that includes:
|
|
|
|
- `document_id`
|
|
- `title`
|
|
- `document_type`
|
|
- `domain`
|
|
- `version`
|
|
- `status`
|
|
- `owner`
|
|
- `reviewers`
|
|
- `approver`
|
|
- `effective_date`
|
|
- `next_review_date`
|
|
- `supersedes`
|
|
- `related_documents`
|
|
- `related_systems`
|
|
- `retention_period`
|
|
- `confidentiality`
|
|
|
|
## Document Control Rules
|
|
|
|
- All controlled documents must be stored in Git.
|
|
- All changes must be reviewed through the approved repository workflow.
|
|
- Active documents must have an approver and effective date.
|
|
- Superseded documents must be moved to `retired/`.
|
|
- Approval and retirement actions must be reflected in the control logs under `register/`.
|
|
- Evidence of approval, review, exception, or retirement should be preserved under `evidence/`.
|
|
|
|
## Registers
|
|
|
|
### `policy-register.csv`
|
|
The master index of controlled documents.
|
|
|
|
### `document-control-log.csv`
|
|
The record of lifecycle changes and status transitions.
|
|
|
|
### `review-calendar.csv`
|
|
The schedule for periodic policy review.
|
|
|
|
### `exception-register.csv`
|
|
The record of approved and tracked exceptions.
|
|
|
|
## Recommended Workflow
|
|
|
|
1. Create a new document in `drafts/`.
|
|
2. Assign owner, reviewers, and proposed approver.
|
|
3. Move document to `review/` when ready for formal review.
|
|
4. Approve and move to `active/` when authorized.
|
|
5. Update the document register and control log.
|
|
6. Move superseded versions to `retired/`.
|
|
7. Store supporting approval or retirement evidence in `evidence/`.
|
|
|
|
## Relationship to Architecture and Operations
|
|
|
|
This policy repository supports the architecture and workflow documentation maintained elsewhere in the repository, including:
|
|
|
|
- policy lifecycle workflows
|
|
- audit and compliance architecture
|
|
- CI/CD workflow documentation
|
|
- operating procedures for controlled publication
|
|
|
|
## Ownership
|
|
|
|
Unless otherwise specified in a document, repository governance is owned by the Kell Creations business owner.
|
|
|
|
## Summary
|
|
|
|
This policy repository is the controlled governance layer for Kell Creations documentation, operational rules, and retained compliance evidence. |