Essential Workplace Policies Every Employer Needs In Australia

When you’re running a small business, it’s easy to think of “policies” as something only large corporates worry about.

But in practice, having clear workplace policies is one of the simplest ways to protect your business, set expectations, and reduce the risk of misunderstandings turning into expensive disputes.

The good news is you don’t need a 200-page manual to get this right. What you do need is a set of policies that actually match how your business operates, the risks you face, and the kind of team culture you’re trying to build.

Below, we’ll break down which workplace policies typically matter most for Australian small businesses, why they’re important, and how you can implement them in a practical way that your team will actually follow.

Note: This article provides general information only and doesn’t constitute legal advice. Because employment, privacy and surveillance obligations can depend on your circumstances (including your industry and where you operate), it’s a good idea to get advice tailored to your business before relying on any policy.

Why Policies In A Workplace Matter (Even If You’re A Small Team)

A workplace policy isn’t just “nice to have”. It’s a written, consistent way of explaining how things work in your business.

From a legal and risk perspective, workplace policies can help you:

• Set clear expectations about behaviour, attendance, performance and conduct;
• Support compliance with employment law, privacy obligations and (where applicable) workplace surveillance rules;
• Improve consistency (so you’re not handling the same issue differently depending on who’s managing that day);
• Reduce disputes by documenting how complaints, investigations and discipline are handled;
• Protect your business when things go wrong, because you can point to a clear process and documented standards.

From a practical standpoint, having the right policies can also make onboarding easier, reduce day-to-day confusion, and help your managers (even if that manager is “you”) handle tricky situations with more confidence.

It’s also worth remembering: workplace policies usually work best when they sit alongside your employment documents, like your Employment Contract, so the “rules of the workplace” and the “terms of the job” aren’t contradicting each other.

What Workplace Policies Do Australian Small Businesses Usually Need?

There isn’t one perfect list for every business. A warehouse with forklifts will have different risks to a small marketing agency, and a café has very different day-to-day pressures to an NDIS provider.

That said, there are some common workplace policies that most Australian employers should consider from early on.

1. Code Of Conduct (Behaviour, Professionalism And Respect)

A Code of Conduct policy sets the baseline for how people are expected to behave at work.

It typically covers things like:

• treating colleagues and customers respectfully;
• appropriate workplace language and behaviour;
• bullying, harassment and discrimination expectations (including what’s not acceptable);
• conflicts of interest and gifts;
• following reasonable directions.

For small businesses, this matters because your culture is often “felt” more intensely when the team is small. If you don’t set a standard early, it can be harder to reset expectations later.

2. Bullying, Harassment And Discrimination Policy

Many businesses include this within a Code of Conduct. Others keep it as a dedicated policy so it’s easier to find and enforce.

At a minimum, this policy should clearly state:

• what behaviour is prohibited;
• how staff can raise concerns;
• how your business will respond (including confidentiality and natural justice where possible);
• what outcomes may follow if the policy is breached.

If you want staff to speak up early (before issues escalate), your policy needs to feel safe, not scary.

3. Work Health And Safety (WHS) Policy

Every Australian business has WHS duties. Even if you’re mostly office-based, WHS still matters (think: ergonomic risks, stress, slips/trips, working from home safety, and psychosocial hazards).

A WHS policy often covers:

• your commitment to providing a safe workplace;
• how hazards are identified and reported;
• incident reporting and injury management;
• training and supervision expectations;
• consultation (how you involve workers in WHS matters).

If you’re relying on “common sense” without a process, it’s easy to miss issues until you’re dealing with an incident.

4. Leave And Attendance Policy

Attendance issues are one of the most common pain points for small business employers, especially when rostering is tight.

A leave and attendance policy typically sets expectations around:

• how to request annual leave;
• notice requirements for planned leave;
• what to do if someone is sick and can’t attend;
• when you may request evidence (like medical certificates or statutory declarations);
• what happens if someone is repeatedly late or absent.

This policy becomes particularly important if you have shift-based staff or you need reliable coverage to open your doors.

5. Performance Management And Disciplinary Policy

When performance drops, many business owners try to “talk it out” informally. That’s understandable, but it can create risk if the situation later escalates.

A performance and disciplinary policy gives you a consistent framework for:

• raising concerns early;
• setting performance expectations and support;
• documenting conversations and outcomes;
• issuing warnings (where appropriate);
• investigating alleged misconduct;
• escalating to termination if needed (and doing it procedurally fairly).

This is one of those areas where clear workplace policies can significantly reduce the “he said / she said” problems that come from informal management.

6. Privacy And Confidentiality Policy

Many small businesses handle personal information every day: customer emails, phone numbers, delivery addresses, employee records, CVs, and sometimes sensitive information (like health details).

If your business collects personal information, you may need a customer-facing Privacy Policy (for example, if you’re covered by the Privacy Act 1988 (Cth) as an “APP entity”, or if a platform, contract, funder or client requires it). Even where the Privacy Act doesn’t apply to you, it’s still often a good idea to have clear internal rules so your team knows how to handle information appropriately.

Common topics include:

• keeping customer and staff information confidential;
• who can access files and systems;
• secure storage (including cloud tools and devices);
• what to do if there’s a suspected data breach;
• rules around discussing clients/customers outside work.

7. IT, Device And Acceptable Use Policy

If your team uses your laptops, email addresses, CRM systems, or even shared logins, an IT/acceptable use policy is essential. It sets boundaries around what’s acceptable and helps reduce cybersecurity and privacy risks.

This is commonly covered in an Acceptable Use Policy and can address:

• work email and messaging expectations;
• password/security requirements (including MFA if you use it);
• use of personal devices for work (BYOD);
• monitoring of systems (where lawful);
• social media use during work time (and when representing your brand);
• downloading software, using USB devices, or accessing restricted sites.

8. Workplace Surveillance Policy (CCTV, Monitoring And Recording)

Some businesses use CCTV for safety, theft prevention, or incident management. Others monitor emails, internet usage, or work devices for security and performance reasons.

If you’re doing any of this, you need to be careful. Workplace surveillance can trigger privacy and surveillance law issues, and the rules (including notice/consent requirements and what is permitted) can differ significantly between states and territories and depending on the type of surveillance.

Two common areas to think about are:

• Cameras: where you can place them, whether you need signage/notice, and areas that are off-limits (like bathrooms and change rooms). These issues often come up under CCTV laws.
• Recording conversations: call recording, meetings, and audio recording can be especially sensitive. If your business records calls or meetings (or is considering it), you should check the recording laws that apply in your state/territory and to your specific context.

In most cases, the safest approach is to be transparent and communicate clearly in a policy, onboarding, and signage where relevant.

9. Drug And Alcohol Policy (If Relevant To Your Work)

If your business involves safety-sensitive work (driving, machinery, construction, warehousing, healthcare, or any role where impairment could cause harm), a drug and alcohol policy can be crucial.

This policy should be practical and tailored. For example:

• what being “fit for work” means in your workplace;
• rules around alcohol and drugs at work functions;
• what happens if someone appears impaired;
• whether testing may be conducted, and under what process.

If you’re considering testing, it’s important to get the setup right. The process, consent, and fairness all matter, and the legal risks can be significant if it’s handled badly. These issues are commonly discussed when employers look at drug testing in Australian workplaces.

10. Flexible Work And Remote Work Policy (If Your Team Works From Home)

Even if your team is only partly remote, it helps to document expectations around:

• work hours and availability;
• work health and safety considerations for home offices;
• confidentiality when working in public spaces or shared housing;
• use of company devices and systems;
• expense reimbursement (if any) for equipment or internet.

Remote work is a great benefit, but you still need rules so work stays secure, safe and productive.

How Do You Implement Workplace Policies So They Actually Work?

Writing policies is only half the job. Implementation is where many businesses get stuck, especially when you’re busy and onboarding happens quickly.

Here’s a practical way to roll out workplace policies without overwhelming your team.

Step 1: Start With Your Biggest Risks (Not A Giant Template Pack)

Before you write anything, ask:

• What causes the most friction or confusion right now?
• What could seriously harm someone (or the business) if mishandled?
• What rules do you keep repeating verbally?
• What is legally sensitive (privacy, surveillance, safety, complaints)?

For most small businesses, a solid baseline set of policies covers conduct, complaints, WHS, leave/attendance, privacy/confidentiality, and acceptable use.

Step 2: Make Sure Your Policies Match Your Contracts And Real Processes

Policies should work together with your employment agreements and any handbooks. If your contract says one thing and your policy says another, it can create confusion and weaken enforceability.

Many employers choose to implement policies through a structured Workplace Policy set (or staff handbook approach), then align it with the employment contracts used for different roles (casual, part-time, full-time).

Step 3: Roll Them Out With A Simple “What This Means For You” Summary

Policies don’t need to be complicated, but they should be understood.

When you introduce a new policy, consider providing:

• a short summary of what’s changing and why;
• 2-5 key “this means…” bullet points;
• examples that match your workplace (e.g. your rostering process, your systems, your customer interactions).

This is often the difference between a policy being read once and forgotten, versus actually being followed.

Step 4: Get Written Acknowledgement

A simple acknowledgement process can help you later if a dispute arises about “I didn’t know that was the rule”.

This could include:

• an onboarding checklist item;
• an email confirmation;
• a signed policy acknowledgement page;
• acceptance through your HR system (if you use one).

The key is consistency. It’s less about “paperwork” and more about making sure everyone is genuinely on the same page.

Step 5: Train Managers On How To Apply Policies Fairly

Even in a small business, policies can fail if managers apply them inconsistently. If you have a supervisor, team leader, or venue manager, they should understand:

• when to escalate issues to you or HR;
• how to document incidents appropriately;
• how to follow complaint and disciplinary steps;
• how to avoid knee-jerk reactions that can create legal exposure.

If you don’t have managers yet, this still applies to you. The policy is your framework for making decisions calmly and consistently.

Step 6: Review Policies Regularly (Especially When You Grow Or Change Systems)

Workplaces evolve. You might introduce new technology, expand to a second location, start working with more contractors, or shift into a different service offering.

Set a calendar reminder to review your policies at least annually, and also whenever something significant changes in your operations.

Common Mistakes Small Businesses Make With Workplace Policies (And How To Avoid Them)

We often see small business owners create policies with the best intentions, but a few avoidable mistakes can reduce their usefulness.

Using A Generic Template That Doesn’t Match Your Business

If your policy says you do monthly performance reviews, but you never do them, the policy can lose credibility quickly.

Your policies should reflect reality. If you want to improve your processes, that’s great, but the policy needs to align with how you actually operate today (or have a clear plan to implement the change).

Not Communicating Policies Properly

Uploading a PDF to a shared drive and hoping everyone reads it is not a rollout plan.

Even a 15-minute onboarding walkthrough and a simple acknowledgement process can dramatically improve compliance.

Over-Policing Or Under-Policing

Some businesses try to enforce policies in an overly strict way, even for minor issues, and it damages morale.

Others avoid enforcement entirely, and the policy becomes meaningless.

A good workplace policy sets a standard, and your response should be proportionate to the issue, consistent, and fair.

Forgetting Privacy And Surveillance Risks

Monitoring staff devices, recording calls, or installing cameras can be legitimate business tools, but they can also create risk if you don’t provide proper notice, have the right policy wording, and follow the rules that apply in your state or territory.

It’s a good idea to treat surveillance as a “design it properly from day one” issue, rather than trying to patch it after a complaint is raised.

Key Takeaways

• Strong workplace policies help small businesses set expectations, reduce disputes, and manage legal risk with more consistency.
• Most Australian employers should consider policies covering conduct, bullying/harassment, WHS, leave and attendance, performance management, privacy/confidentiality, and IT acceptable use.
• If you use CCTV, monitor devices, or record calls or meetings, you should have clear workplace surveillance rules and be mindful of state/territory requirements (which can vary depending on the type of surveillance and where you operate).
• Workplace policies work best when they match your real processes and sit alongside your employment contracts, onboarding and manager training.
• Implementation matters: communicate policies clearly, collect acknowledgements, apply them fairly, and review them as your business grows.

If you’d like a consultation on putting the right workplace policies in place for your business, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.