Governance insight

The safeguarding policy is due for review.
Someone asks which version the board approved last year. Three places to look: the shared drive, the document linked in the minutes, the version on the school website. They are not the same document.

No one is certain which one is current.

This is not a filing problem. Schools carry a legal and regulatory obligation to keep certain policies under review — safeguarding, health and safety, finance, GDPR. Best practice, and the strongest governance evidence that obligation has been met, requires that approval to be traceable: to a specific meeting, a specific version, a specific resolution. An inability to answer the question is not administrative untidiness. It is a governance gap.

The reason most boards cannot answer it is structural. Policies are treated as documents — things to be approved, filed, and retrieved when needed. Policy governance is something different: the discipline of knowing which policies are live, when each is due for review, who approved the current version at which meeting, what changed between versions, and whether the copy available to staff matches what the board actually approved.

  • Which policies are in scope — and which have lapsed without the board noticing
  • When each policy was last reviewed — and at which meeting, against which version
  • Whether the version approved at that meeting is the version currently in use
  • What changed between the previous version and the one the board approved
  • When the next review is due — and whether anyone will notice if it passes

The gap between filing a policy and governing it.

Filed. Approved. Current?
Which version? No one's quite sure.

The minutes say approved.
They do not say which version.

A policy under review typically passes through several hands before it reaches the board. The head updates it, a governor red-lines it, someone compares it against the latest DfE template, a final version is produced. By the time it reaches approval, there may be four or five versions in circulation.

The minutes record: "Safeguarding policy — reviewed and approved." They do not record which version. Three years later, when a new governor is trying to confirm the policy is current, the approval is in the minutes. The version is not.

Meanwhile, the copy on the school website was uploaded at some point after that meeting. Whether it matches what the board approved — or was produced from an earlier draft — is genuinely unknown.

What a document repository gives you
A place to put files. Version control is whatever naming convention the last person used. "Safeguarding Policy FINAL v3 REVISED (2).docx" is not a governance record. It is a filing decision.
What policy governance requires
An approval chain that connects each version of a document to a specific meeting, a specific agenda item, and a specific resolution. Without that chain, the board cannot demonstrate it discharged its review obligation — only that it met.

Some policy review obligations are statutory. KCSIE requires the governing body to ensure annual review takes place — typically led by the DSL and head, then brought to the board for approval. A policy in a shared folder is not evidence of that review. A dated approval recorded against a board meeting — against a specific version — is.

Document repository vs policy governance system

The difference is not about adding steps — it is about what the board can demonstrate after each review cycle. With a governance system, every approval creates a traceable record: the version, the meeting, the date, and the next review due. A repository records that something was filed. A governance system records that an obligation was met.

Document repository

1
Policy drafted or updated
Changes tracked informally
2
Presented to the board
Meeting reference noted in minutes
3
"Approved" recorded in minutes
Which version? Not captured
4
Filed in shared drive
Policy portal: ask someone
5
Next review: check last year's minutes
Or notice when something goes wrong

Policy governance system

1
Policy revised with tracked changes
Version history in governance record
2
Review surfaces on governance calendar
Board sees it coming — not as a surprise
3
Board approves a specific version
Recorded: meeting, agenda item, version number
4
Published to policy portal
One place — always the board-approved version
5
Next review date set automatically
Surfaces to agenda before it is due

The policy staff are reading and the policy the board approved
should be the same document.

A policy portal is not a duplicate of the governance record. It is the live face of it: the board-approved version, always current, always accessible to the people who need to work from it. When the board approves a new version, the portal updates. When a policy is embedded in a Google Doc via transclusion, that document updates too — automatically, without anyone copying and pasting from a shared drive.

A governance overview showing one policy record — Safeguarding Policy v3.2 — connected to four systems: a policy register listing four policies all marked Approved, a review calendar showing the next review date, an approval chain showing Draft to Reviewed to Approved on 15 May 2025, and a policy portal with staff and parent views that links and updates automatically. A governor says: This is the approved version. Bottom banner: Policy governance requires a single source of truth, a clear approval record, scheduled review, and controlled publication. Caption: No copies. No drift. No doubt.

One policy record. Four connected systems: register, approval chain, review calendar, and portal. No copies. No drift. No doubt.

Four disciplines. None of them optional.

These are not features — they are the minimum conditions for policy governance to function. A board that cannot satisfy all four is not governing its policies. It is approving them. Those are different things.

Policy register

Every policy in scope, with its current status — live, under review, overdue, or lapsed — its review cycle, its owner, and its next review date. Not a folder. A structured register that surfaces what is current and what is not.

What it answers: which policies exist and which are active

Approval chain

Every approved version connected to a specific meeting, agenda item, and resolution. The record answers: who approved it, when, at which version, and on what basis. The approval is not just in the minutes — it is linked to the document that was approved.

What it answers: which version was approved and when

Review calendar

Upcoming policy reviews visible in the governance calendar before they are due — surfacing to the agenda automatically, not when a governor happens to ask. Overdue reviews visible as a gap in the register, not discovered during an inspection.

What it answers: what is coming and what has been missed

Policy portal

A single destination where the current board-approved version of every policy is always available — to staff, to governors, to anyone who needs to work from it. Not a folder. Not the school website. The actual approved document, updated automatically when the board approves a new version.

What it answers: what version should people be working from

Four questions. Answerable before the review item reaches the agenda.

With a policy governance system, these questions are answerable by the workspace chair before the meeting starts — not reconstructed from minutes and folder searches afterwards. If they cannot be answered without digging, the policy record is a repository. It is not governance.

Question 1

Which policies are due for review in the next six months — and will the board see them before or after the deadline?

Question 2

For the safeguarding policy: which version did the board approve, and at which meeting?

Question 3

Is the policy currently available to staff the same document the board approved — or a copy made at some point afterwards?

Question 4

If a policy was materially changed between versions, can you show the board what changed before they approved it?

The standard to aim for
Policy approval is not the end of the governance act — it is a point in a cycle. The obligation is to review policies at the right interval, approve specific versions at specific meetings, and ensure the approved version is what staff are actually working from. A board that cannot trace that cycle has not governed its policies. It has filed them.

Where document repositories fail quietly

Most boards do not feel their policy process is broken. Policies get reviewed, approvals are noted in the minutes, and inspections rarely surface the gap. The failure accumulates in the background:

  • Review dates pass unnoticed because there is no calendar tracking them proactively
  • The version approved by the board and the version on the school website diverge over time
  • Approvals recorded in minutes cannot be matched to a specific document version
  • Staff are working from policies that were superseded months ago — because nobody updated the shared drive folder
  • When governors, chairs, or leadership teams change, the institutional knowledge of which version is current goes with them
  • A regulatory inspection asks for the approved safeguarding policy — the board cannot confirm which document that is

The question is not whether policies are broadly up to date. It is whether the board can demonstrate — at any point, to any reviewer — that specific obligations were met, specific versions were approved, and the document currently in use is the one the board actually approved.

Loom is built for this

In Loom, policies are part of the governance record — not a separate repository. Every policy carries its version history, approval chain, and review cycle inside the platform. Approval connects a specific version to a specific meeting. The governance calendar surfaces upcoming reviews before they fall due.

  • Policy register: every policy with status, review cycle, and approval history
  • Version history: what changed between versions, linked to the board meeting that approved each one
  • Governance calendar: review obligations surface automatically — not when someone remembers to check
  • Policy portal: a single, always-current destination for every board-approved policy, accessible to staff and governors
  • Transclusion: Loom policies can be embedded in Google Docs as live content — when the board approves a new version, any linked Google Doc updates automatically, with no copying, no drift, no version mismatch

The policy the board approved and the policy staff are reading — the same document. Always.

Board Deck Standard 1.2: Risk and Compliance Monitoring ↗

Think about your safeguarding policy

Without searching through shared drives or last year's minutes, can the board answer these right now?

You can identify which policies are due for review in the next six months — without consulting the minutes or the policy list on the school website.

For the safeguarding policy the board approved last year: you can name the version, the meeting date, and confirm that version is what staff are currently working from.

If a staff member asked for the current approved anti-bullying policy right now, the answer is available in one place — without contacting the clerk, the head, or checking the school website.

If any of those requires a search through folders or a phone call, the policy record is not in the governance log — it is distributed across inboxes, shared drives, and copies made at various points in the past. That is not a document management problem. It is a governance obligation problem: one that compounds with every review cycle that passes without a traceable approval, and surfaces — clearly and suddenly — during the one inspection the board cannot reschedule.
SYNNOVATELeadership FrameworksDECKSLeadership PracticeLOOMOrganisational Infrastructure

Synnovate connects leadership frameworks, leadership practice, and organisational infrastructure.

LOOM provides the infrastructure that captures signals from real work and reveals patterns across the organisation.

Explore Loom → loom.education