Managing Company Policies

A foundational part of getting compliant with frameworks like SOC 2, ISO 27001, and others is having the right company policies in place — and ensuring that every employee has accepted the latest version of those policies.

These policies outline your company's stance on critical topics like security, access control, incident response, acceptable use, and more. Without them, compliance simply isn't possible.

ComplyJet makes it easy to manage the entire policy lifecycle — from creation to approval to employee acceptance.

Based on the frameworks you've selected in your ComplyJet project, we automatically generate a set of recommended policies for you to adopt and customize.

You’ll find them in the Policies section of the platform. Your goal here is to:

Click on any policy to open its detail view. From here, you can see all the existing versions of that policy.

To create a new version, simply click “Create with Policy Wizard.” This wizard walks you through the entire policy-building process step-by-step — no legal research required.

You’ll be asked to answer a few simple questions. For each section, ComplyJet provides clear guidance and tooltips to help you fill in the right content based on your company’s setup.

Once you’re done, you can review the generated policy, make edits if needed, and save and publish — all from the same flow.

After creating a new version, you can assign it for internal approval. Select the relevant stakeholder in your organization (such as a CTO, CISO, or HR lead), and they’ll be notified to review and approve it.

Once approved, the version becomes active, and ComplyJet will begin prompting employees to accept the new version.

The system keeps track of who has accepted and who hasn’t, giving you full visibility and control.

To stay compliant, you should ensure that:

ComplyJet helps automate all of this, so you don’t need to manage version control, reminders, or approvals manually.