From Open Risk Manual


Policy refers to a system of principles, rules and guidelines, adopted by an Organization to guide decision making with respect to particular situations and implemented via procedures or protocols to achieve stated goals. The intentions and direction of an organization as formally expressed by its Top Management.

A plan or course of action by an authority, intended to influence and determine decisions, actions, and other matters. Policy defines the limits within which decisions are made. A policy is a set or framework of general objectives and management principles that the undertaking uses for decision-making.


In the context of sustainability, a policy implements an undertaking’s strategy or management decisions related to a material sustainability matter. Each policy is under the responsibility of defined person(s), specifies its perimeter of application, and includes one or more objectives (linked when applicable to measurable targets). A policy is validated and reviewed following the undertakings’ applicable governance rules. A policy is implemented through actions or action plans.


  • An intervention taken or mandated by a government, institution, or other entity, which may include laws, regulations, and standards; taxes, charges, subsidies, and incentives; information instruments; voluntary agreements; implementation of new technologies, processes, or practices; and public or private sector financing and investment, among others.

See Also