Policy Management Last updated: 29 March 2026 · 4 min read

Policy Lifecycle & Version Control

Every policy in PolicySuite follows a structured lifecycle that ensures proper governance, review, and accountability. This guide walks you through each stage, explains how version control works, and shows you how to set up review cycles and approval workflows.

1. Lifecycle stages

A policy moves through five stages during its life:

Draft — the policy is being written or edited. Only the author and administrators can see it. Drafts are auto-saved and can be worked on over multiple sessions.
Review — the author has submitted the policy for review. A designated reviewer examines the content and can approve it or request changes. The policy is locked from further editing during review.
Approved — the reviewer has approved the policy. It is now ready to be published by a compliance_admin or org_admin.
Published — the policy is live and can be distributed to employees. Published policies are visible in the policy library and can be included in distribution lists.
Archived — the policy has been retired and is no longer active. Archived policies remain accessible for audit purposes but cannot be distributed. All historical acknowledgements are preserved.

To view the current stage of any policy, navigate to Policies in the sidebar. Each policy displays a status badge showing its current lifecycle stage.

2. Navigating the Lifecycle dashboard

The Lifecycle page gives you a bird's-eye view of all policies grouped by their current stage. To access it:

Click Policies > Lifecycle in the left sidebar
You'll see a kanban-style board with columns for each stage: Draft, Review, Approved, Published, and Archived
Click any policy card to open its detail view, where you can see its full history, current owner, and next review date

Use the filters at the top to narrow by category, framework tag, or policy owner. This is particularly useful for compliance_admins managing dozens of policies across multiple frameworks.

3. Version history

PolicySuite maintains a complete version history for every policy. Each time you edit and publish an update to a policy, a new version is created automatically:

Major versions (1.0, 2.0, 3.0) — created when significant changes are made to scope, requirements, or obligations
Minor versions (1.1, 1.2) — created for smaller amendments like typo corrections, formatting updates, or clarifications

To view a policy's version history, open the policy and click the Version History tab. You can:

View any previous version in its entirety
Compare two versions side-by-side to see exactly what changed
See who authored each version and when it was published
View which employees acknowledged each specific version

Tip: When you edit a published policy, PolicySuite creates a new draft version alongside the existing published one. Employees continue to see the current published version until you publish the update. This means there is zero downtime or confusion during the editing process.

4. Review cycles and reminders

Keeping policies up to date is a core compliance requirement. PolicySuite helps you stay on top of reviews with built-in scheduling:

Set a review date — when creating or editing a policy, set the next review date in the metadata panel. Common cadences are quarterly, semi-annually, or annually.
Automated reminders — PolicySuite sends email reminders to the policy owner as the review date approaches: 30 days before, 7 days before, and on the day itself.
Overdue tracking — policies that pass their review date without being updated are flagged as overdue in the Lifecycle dashboard with a red indicator.

Compliance_admins can view all upcoming and overdue reviews from the Policies > Lifecycle page, making it easy to chase policy owners and maintain your review schedule.

5. Approval workflows

Approval workflows add a governance layer to prevent unapproved content from reaching employees. Here's how the workflow operates:

The policy author finishes editing and clicks Submit for Review
The assigned reviewer receives an email notification with a direct link to the policy
The reviewer reads the policy and either clicks Approve or Request Changes
If changes are requested, the author receives a notification with the reviewer's comments and can make edits before resubmitting
Once approved, a compliance_admin or org_admin can publish the policy to make it live

Approval workflows are optional and can be enabled or disabled in Settings > Policies > Workflow. When disabled, policy_authors and compliance_admins can publish directly without a review step.

Still need help?

Email our support team at support@policy-suite.com — we typically respond within 24 hours.