Alex is Sprintlaw's co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
Contents
- Why Workplace Policies Matter In Australia
- What Should A Workplace Policy Cover?
Step‑By‑Step: How To Draft An Effective Workplace Policy
- 1) Set Your Purpose And Scope
- 2) Map The Risks And Legal Requirements
- 3) Write In Plain English
- 4) Define Key Terms Up Front
- 5) Set Clear Roles And Responsibilities
- 6) Include A Simple, Fair Procedure
- 7) Align With Related Policies And Contracts
- 8) Add Practical Tools
- 9) Plan Training And Communication
- 10) Set Review, Version Control And Ownership
- Practical Drafting Tips And Common Pitfalls
- What Legal Documents Support Your Policy Framework?
- Key Takeaways
Clear, practical workplace policies help you set expectations, reduce risks, and build a compliant, high‑performing team. Whether you’re hiring your first employee or scaling a growing business, the right policy framework keeps everyone on the same page and makes day‑to‑day decisions easier.
In Australia, policies also play a key role in meeting your legal obligations - from Fair Work requirements to privacy and work health and safety (WHS). The good news? You don’t need to write a legal textbook. With a simple structure, plain English and the right consultation, you can create policies your people will actually read and follow.
Below, we’ll walk you through what to include, how to draft and roll out policies, and the key compliance issues to keep in mind. If you’d prefer support, we can prepare a tailored Workplace Policy suite that fits your business and industry.
Why Workplace Policies Matter In Australia
Policies do more than outline rules - they’re the bridge between the law and how your business operates day to day. Done well, they:
- Set clear standards of behaviour and performance so your team knows what’s expected.
- Demonstrate that you’ve taken reasonable steps to prevent unlawful conduct (important for managing legal risk).
- Support consistency when managing issues like leave, misconduct, bullying, performance and safety.
- Clarify procedures so managers act fairly and employees feel heard.
- Help you comply with Australian laws and any applicable modern awards or enterprise agreements.
Think of policies as your business playbook. They complement your Employment Contract by explaining how key terms work in practice (for example, how to request leave or how your performance process runs).
What Should A Workplace Policy Cover?
The right scope depends on your size and risk profile, but most Australian employers benefit from a core set of policies. Consider building your policy framework around these areas:
- Code of Conduct: Values, expected behaviours, conflicts of interest, gifts and benefits, use of company property.
- Equal Opportunity, Bullying, Harassment and Discrimination: Standards of respectful behaviour, unlawful conduct definitions, complaint and investigation process.
- WHS (Work Health and Safety): Roles and responsibilities, hazard reporting, incident response and return‑to‑work basics.
- Leave and Attendance: Annual, personal, parental and other leave categories; notice and evidence requirements; rostering and flexible work requests.
- Performance and Discipline: How feedback works, managing underperformance, misconduct, and show cause processes.
- Privacy and Data Protection: Handling of personal and sensitive information, access controls, and data breach reporting (supported by a public‑facing Privacy Policy on your website).
- Technology and Communications: IT, email and social media use, BYOD, cybersecurity hygiene, and AI tools (many teams now add an AI Use Policy).
- Remote and Flexible Work: Work location, safety at home, hours, availability and equipment responsibilities.
- Grievances and Complaints: How to raise issues, informal vs formal options, investigation steps and confidentiality.
- Whistleblowing (if applicable): Protected disclosures, protections and reporting channels - often via a standalone Whistleblower Policy for larger companies.
If you’re growing quickly or want everything in one place, it can be helpful to bundle your core rules into a single, readable Staff Handbook with hyperlinks to more detailed policy documents.
Step‑By‑Step: How To Draft An Effective Workplace Policy
1) Set Your Purpose And Scope
Start by writing a one‑paragraph purpose statement. What is the policy for and who does it apply to? Clarify whether it covers employees, contractors, volunteers and agency staff. If you have multiple sites or remote teams, say so.
Tip: Include a simple “how this policy works with contracts” note. Make it clear the policy doesn’t form part of the employment contract unless you say otherwise, and that you may update it to reflect the law and business needs.
2) Map The Risks And Legal Requirements
List the risks the policy should address (e.g. bullying complaints, misuse of IT, safety incidents, handling personal data). Then note the legal obligations that sit behind them. In Australia, common sources include:
- Fair Work Act and modern awards (minimum standards, consultation, discipline and leave evidence).
- WHS laws (primary duty to ensure health and safety, consultation, risk management and incident reporting).
- Privacy Act and the Australian Privacy Principles (APPs) if you handle personal information.
- State surveillance and recording laws (for monitoring emails, CCTV or phone calls), if relevant.
Having this map ensures your policy is practical, accurate and aligned with the law.
3) Write In Plain English
Use short sentences, everyday words and examples. Replace legalese with clear instructions. For instance, instead of “Employees shall abstain from discriminatory conduct,” write “You must not bully, harass or discriminate against anyone.”
Break up content with headings and bullet lists. Add quick examples for clarity (e.g. “bullying includes repeated behaviour such as excluding, threatening or humiliating a person”).
4) Define Key Terms Up Front
Include a short definitions section for terms that could be misunderstood - for example, “confidential information,” “personal information,” “serious misconduct,” “manager,” “workplace” (including work‑related events), “health and safety incident,” or “AI tools.”
5) Set Clear Roles And Responsibilities
Spell out who does what. A simple table or list helps:
- All workers: Follow the policy, report concerns, keep information confidential.
- Managers: Lead by example, act on concerns, escalate issues, keep records.
- HR/People Team (if applicable): Train staff, manage investigations, update policies.
- Directors/Owners: Ensure resources, oversee compliance and continuous improvement.
6) Include A Simple, Fair Procedure
For policies that involve reporting (e.g. complaints, safety, grievances), add a step‑by‑step process that’s easy to follow:
- How to raise an issue (informal and formal options, including anonymous avenues if available).
- What happens next (triage, who manages it, expected time frames).
- How you’ll treat everyone fairly (natural justice, support people, no victimisation).
- Outcomes (informal resolution, training, warnings or other actions) and how you’ll communicate them.
- Confidentiality and record keeping (what’s kept, where, and for how long).
7) Align With Related Policies And Contracts
Cross‑reference relevant documents so there’s no confusion. For example, your code of conduct can point to your privacy, WHS and grievance procedures, and your Employment Contract can reference the policies that apply to that role.
8) Add Practical Tools
Where appropriate, include templates or short forms that make compliance easy - think incident report forms, leave request steps, complaint forms or checklists for managers.
9) Plan Training And Communication
Policies only work when people know them. Plan a simple rollout (see below for details), include your policy in onboarding, and schedule refreshers for higher‑risk topics like WHS, bullying/harassment and cybersecurity.
10) Set Review, Version Control And Ownership
Give the policy an owner (usually HR or a senior manager), set a review date (at least annually or when laws change), and add a version table so people know they’re using the latest copy.
Compliance Essentials Under Australian Law
You don’t need to quote legislation in your policy, but you do need to reflect the key obligations that apply to your business. Here are the big-ticket items most employers should consider.
Fair Work Basics
Your policy framework should align with the National Employment Standards, any applicable modern award, and the Fair Work Act. Get specific about notice and evidence requirements for leave, procedure for performance management and disciplinary action, and how consultation will occur for significant workplace changes.
Work Health And Safety (WHS)
Australian WHS laws require you to eliminate or minimise risks so far as is reasonably practicable. Your WHS policy should set out hazard identification, risk controls, incident notification and the role of health and safety representatives (if any). Make it clear that safety applies wherever work is done - including at client sites and at home for remote workers.
Privacy And Data Protection
If you handle personal information, your internal policy should cover collection, use, access, security and data breach response. Externally, publish a concise, accurate Privacy Policy explaining how you handle customer data. Internally, make sure employees know their responsibilities when accessing staff or customer information.
Technology, Communications And AI
Set rules for acceptable use of email, messaging, devices and social media. Specify what’s monitored and why (staying mindful of state‑based surveillance and recording laws). Because many teams now experiment with AI tools, add an AI Use Policy that addresses confidentiality, bias, accuracy and human review.
Anti‑Bullying, Harassment And Discrimination
Make it crystal clear that unlawful conduct is prohibited and explain how people can raise concerns. State that victimisation will not be tolerated and outline how you’ll support all parties during any process. Provide options to report issues to someone other than a direct manager.
Whistleblowing
If your company falls within the corporate whistleblower regime (or you choose to offer protections anyway), set out protected disclosures, reporting channels, confidentiality and protections in a dedicated Whistleblower Policy. Train leaders so they understand their obligations.
Record Keeping
Keep accurate records of training, acknowledgements, reported incidents, investigations and outcomes. Good records show you took reasonable steps to prevent and address issues, which can be critical if a dispute arises.
Rolling Out Your Policy: Training, Communication And Enforcement
Even the best policy will fail if it sits in a drawer. Plan a simple, practical rollout and keep it alive in your culture.
Onboarding And Acknowledgement
Build policy review into induction. Provide the latest versions, highlight the key changes or high‑risk areas, and ask employees to confirm they’ve read and understood them. Keep signed acknowledgements on file (digital is fine).
Make It Easy To Find
Host your policies in a shared location with clear naming and version control. Add helpful links from your Staff Handbook or intranet so people can navigate quickly to the policy they need.
Targeted Training
Some topics warrant special attention: WHS, bullying/harassment, privacy/cybersecurity and supervisor responsibilities. Short, role‑specific sessions work best. Use real scenarios (sanitised) so the content sticks.
Lead By Example
Managers set the tone. If your leaders embrace the policy, reference it in decisions, and respond consistently to issues, your team will follow. If they don’t, the policy won’t carry weight.
Enforcement That’s Fair And Proportionate
Policies should help you act consistently and fairly. When an issue arises, follow the process you’ve set out, apply natural justice, and document each step. If disciplinary action is required, ensure it aligns with your Employment Contract terms and any applicable award or enterprise agreement.
Keep Improving
Invite feedback after you roll out a policy. What’s unclear? What scenarios are missing? Use incident trends and HR metrics to update policies and training. Schedule an annual legal review - especially after law changes, organisational shifts or new technologies.
Practical Drafting Tips And Common Pitfalls
A few small drafting choices can dramatically improve engagement and compliance.
- Be concise: Aim for short sections and bullet points. People won’t read a 40‑page wall of text.
- Stay consistent: Use the same terms throughout (e.g. “manager” vs “supervisor”). Align policy language with your Workplace Policy suite and contracts.
- Use examples: Add brief “what this looks like” scenarios to make abstract concepts concrete.
- Balance flexibility and clarity: Use “will” for non‑negotiables and “may” where discretion is required. Avoid creating unintended entitlements.
- Consider your culture: Reflect your values and tone. The policy should feel like it was written by your business, not copy‑pasted.
- Mind accessibility: Use readable fonts, simple layouts and clear headings. Ensure policies are accessible on mobile and to people with disabilities.
- Don’t overlook privacy and tech: Many incidents involve data and devices. Pair internal rules with a current Privacy Policy and simple IT guidance, and consider an AI or emerging tech addendum as your tools evolve.
Finally, bring your team along for the ride. Consultation often produces better policies and stronger buy‑in. Involving employees (and health and safety representatives, where applicable) also supports your legal duty to consult on WHS matters.
What Legal Documents Support Your Policy Framework?
Policies work best alongside clear, tailored documents. Depending on your structure and risk profile, consider:
- Employment Contract: Sets the terms of employment - duties, hours, pay, confidentiality, IP, notice and how policies apply.
- Workplace Policy: Your core policy suite covering conduct, WHS, bullying/harassment, leave, performance and grievances.
- Privacy Policy: Public‑facing statement about how you collect and use personal information, plus internal rules for staff handling data.
- Staff Handbook: A single, easy‑to‑read guide that consolidates key policies and procedures for employees.
- Whistleblower Policy: For eligible companies, sets out protected disclosures, reporting options and protections.
- AI Use Policy: Explains permitted tools, confidentiality requirements, human review and accountability for outputs.
Not every business needs every document on day one, but most employers benefit from at least a core policy suite, a solid employment agreement and clear privacy settings.
Key Takeaways
- Workplace policies translate the law into practical rules and processes your team can follow every day.
- Focus on core areas first: conduct, WHS, bullying/harassment, leave, performance, privacy and technology use.
- Draft in plain English with clear responsibilities, simple procedures, and realistic examples for your business.
- Align policies with Fair Work, WHS and privacy obligations, and keep them consistent with your Employment Contract.
- Roll out policies with onboarding, acknowledgements and targeted training - and lead by example.
- Review and update your policy suite regularly, especially after law or business changes, and keep good records.
If you’d like a consultation on drafting or updating your workplace policies, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no‑obligations chat.
