Using Policy Templates (990+ Library)

PolicySuite's template library gives you a head start on compliance documentation. Instead of writing policies from scratch, you can choose from 990+ professionally drafted templates, customise them to reflect your organisation's specific procedures, and publish within minutes.

1. What templates are

Templates are complete, ready-to-customise policy documents written by compliance professionals. Each template:

• Covers a specific policy topic (e.g. Remote Working Policy, Data Retention Policy, Acceptable Use Policy)
• Is mapped to the relevant regulatory frameworks and control objectives
• Follows a consistent structure: purpose, scope, policy statements, roles and responsibilities, enforcement, and review cycle
• Is written in plain English, designed to be readable by employees — not just legal teams

Templates are a starting point, not a finished product. Every organisation has different processes, systems, and risk tolerances. You must customise each template before publishing it.

2. Finding the right template

Navigate to the Templates tab in the left sidebar. Use the filters to narrow down results:

• Category — HR, IT Security, Compliance, Finance, or Operations
• Framework — ISO 27001, SOC 2, GDPR, NIST CSF, HIPAA, PCI-DSS, Cyber Essentials, and more
• Country — surfaces jurisdiction-specific language (e.g. UK GDPR vs. EU GDPR, CCPA for California)

You can also use the search bar to find templates by keyword. Results show the template name, category, applicable frameworks, and a short description. Click any template to preview the full content before committing.

3. Policy Packs: faster compliance coverage

Policy Packs are pre-bundled sets of 10 to 25 related templates sold together at a discount. They're designed for organisations that need to cover an entire framework or industry vertical quickly.

Examples of available packs:

• ISO 27001 Foundation Pack — the core information security policies required for certification
• SOC 2 Readiness Pack — policies aligned to the Trust Services Criteria
• HR Compliance Pack — employment, conduct, leave, and performance policies
• GDPR Data Protection Pack — data handling, retention, breach response, and subject rights policies

Packs are available in the Store tab. Purchasing a pack unlocks all included templates for your workspace immediately. You can also buy individual templates if you only need specific policies.

4. Customising a template

Once you've purchased a template (or if it's included in your subscription), click Use Template to create a draft in your workspace. The template content is copied into the editor — it does not stay linked to the original, so your changes won't affect other organisations using the same template.

At minimum, every template should be customised to:

1. Replace [Organisation Name] placeholders with your actual organisation name
2. Update role and team names to match your internal structure
3. Describe your actual procedures, not generic ones — for example, specify the tools you actually use for access management rather than leaving placeholder text
4. Set a realistic review date based on how frequently that policy area changes
5. Remove any sections that are not applicable to your organisation

5. Template updates and notifications

PolicySuite's compliance team monitors regulatory changes and updates templates when significant amendments are required — for example, when a new version of ISO 27001 is released or data protection legislation is amended.

If a template you've used receives a major update, you'll receive an in-app notification and an email to the policy owner. The update does not overwrite your customised version; it creates a new version of the original template which you can review and choose to apply. Minor corrections (grammar, formatting) are applied automatically without notification.

Related Articles

• Creating Your First Policy
• Distributing Policies via Magic Links
• Billing: Policy Packs & Purchases