The Policies page centralizes all compliance policies. It allows you to review, approve, and organize policies by framework, assign owners, and monitor their approval status. This ensures that every policy meets internal and regulatory requirements for audit readiness.
Main Page Layout
Summary Panel
Completion – Shows the percentage of policies that are considered “OK” and lists the number of policies out of the total. In the example, 2 % of policies are OK, with 1 approved policy out of 45.
Assignment – A donut chart displays how many policies are Approved vs. Not Approved
Search & Filter
A Search box allows you to find policies by name.
A Framework filter helps narrow policies by their associated compliance framework.
Create New Policy Button
A button labeled Create New Policy lets you begin drafting a new policy. Clicking it opens a form where you can define the policy name, select frameworks, assign an owner, and write the policy text. (You should avoid clicking Approve or submitting forms without confirmation.)
Policies Table
Lists policies with columns: Policy Name, Frameworks, Owner, and Status (Approved or Not Approved).
You can sort by column headers (Policy Name, Frameworks, Owner, Status) to organize the list.
The Owner column displays a user icon if an owner is assigned.
The Status column shows a green “Approved” pill or a gray “Not Approved” pill.
Floating Action Button
A green plus button at the bottom right may offer quick access to create new policies (depending on your role).
Typical Actions on the Main Policies Page
Find a Policy – Type keywords into the Search box to filter the list.
Filter by Framework – Use the Framework filter to display policies belonging to a specific standard (e.g., ISO 27001:2022, SOC 2).
Create a New Policy – Click Create New Policy. Fill in basic details: policy name, associated frameworks, owner, and content. Save or cancel as needed.
Open Policy Details – Click a policy row to view and manage the policy.
Individual Policy View
When you click a policy, a detailed view slides in. Here’s what you’ll find when you open a policy, using “ISMS Master List of Documents” as an example.
Top Bar
Policy Title – The name of the policy.
Last Approved – Shows the date when the policy was last approved (or “Not approved yet” if it hasn’t been).
Approve Button – A button labeled Approve allows authorized users to mark the policy as approved. Use this only when the policy has been reviewed and finalized.
Left Pane – Policy Content
Displays the actual policy text. This may include:
Policy Owner – Placeholder or field for who owns the policy.
Effective Date – Placeholder for when the policy takes effect.
Company Name – The organization to which the policy applies.
Purpose – A description of why the policy exists.
Additional sections such as scope, definitions, responsibilities, procedures, etc., depending on the policy template.
In templates, variables like
{Policy Owner}and{Effective Date}appear as placeholders. When creating or editing, replace these with real values.
Right Pane – Details
ID – The policy’s identifier (e.g., POL‑1).
Description – A concise explanation of what the policy requires. For the ISMS Master List, it instructs you to maintain a current inventory of policies and procedures with document numbers, names, and versions
app.dsalta.com.
Source – Indicates where the policy originates (e.g., DSALTA, an external standard).
Owner – Shows who is responsible for the policy. Click Assign Owner to select or change the responsible person/group.
Results/Status – Displays whether the policy is Approved or Not Approved. This mirrors the status on the main page.
Controls Section
Below the details is a Controls section. Here you can map related controls to the policy:
Controls Header – Shows how many linked controls are OK (e.g., 0 / 1 OK).
Add Control (+) – Clicking the plus button opens a search dialog to link additional controls to this policy. Linking controls helps trace which compliance requirements are satisfied by this policy.
Linked Controls List – Displays the controls mapped to the policy (e.g., “Operation planning and control” in the example). Icons allow you to mark them as OK or remove them.
Other Potential Sections
Depending on your system configuration, the policy detail view may include additional areas:
Documents – Attach evidence documents, such as signed policies or acknowledgments.
Tests – Link policy tests or reviews to ensure policies are being followed.
Risk Scenarios – Associate risk scenarios that this policy mitigates.
Mapped Frameworks – See which frameworks the policy addresses.
Typical Actions in the Policy Detail View
Review Content – Read through the policy text in the left pane to ensure it matches organizational requirements.
Assign Owner – Click Assign Owner in the Details pane to designate who is responsible for maintaining and updating the policy.
Map Controls – Under Controls, use the plus button to associate the policy with relevant controls that it satisfies. This helps show how policies support compliance objectives.
Approve Policy – Once the policy is reviewed and complete, authorized users can click Approve at the top. Approving indicates that the policy is ready for enforcement. (Always confirm with stakeholders before approving.)
Edit Policy Content – If your permissions allow, you can modify the policy content directly in the left pane (fields may be editable). Replace placeholders like
{Policy Owner}and{Effective Date}with actual information.Navigate Back – Close the detail pane (often via an “X” in the top corner) to return to the policies list.
Summary of Buttons and Their Functions
Button / Icon | What It Does |
Create New Policy (main page) | Opens a form to draft a new policy with name, frameworks, owner, and content. |
Search box | Filters the policies list by typing keywords. |
Framework filter | Narrows the policies list by associated frameworks. |
Approve (within a policy) | Marks the policy as approved; should only be clicked after review and confirmation. |
Assign Owner | Opens a selection dialog to designate or change the policy owner. |
+ (Add Control) | Within the policy detail, opens a search to link additional controls to the policy. |
Status Pill (Approved / Not Approved) | Indicates whether a policy has been approved; not a button but a visual status indicator. |