HR-14 Policy acknowledgement

What is this control about?

The policy acknowledgement requires your employees to confirm they have understood the company’s policies.

The determination of the policies to attest is up to each organization, but at the minimum, the employee handbook must be attested by all employees.

This can be done manually or through a Human Resource (HR) tool.

Available tools in the marketplace

The following listing is “crowdsourced” from our customer base or from external research. TrustCloud does not personally recommend any of the tools below, because we haven’t personally used them.

Available templates

TrustCloud has a curated list of templates internally or externally sourced to help you get started. Click on the link for a downloadable version:

• N/A – No template for this control

Control implementation

The action required here is to define and document your organization policy acknowledgement in your HR policy.  As part of the documentation, ensure the following components are taken into account:

• List of policies that must be signed
• The mechanism that will be used to distribute the policies every year (i.e DocuSign, email, HR tool, etc..)
• The allotted timeline to acknowledge the policies.

What evidence do auditors look for?

Most auditors, at a minimum are looking for the below suggested action:

• Provide list of employee acknowledgement

Evidence example

From the suggested action above, an example is provided below

TrustCloud’s own example. It is important to provide the full document and most importantly evidence of the employee’s signature.