Policies and Procedures for Schools: ComplyPlus™ Software

Policies and procedures for schools are not simply administrative documents. They are part of the governance framework that helps schools create safe, lawful, inclusive and well-led environments for pupils, staff, governors, trustees, parents, carers, contractors and visitors. When policies are clear, current, and properly implemented, they help schools translate legal duties, statutory guidance, and professional expectations into consistent day-to-day practice.

This matters because schools operate within a complex framework of safeguarding duties, behaviour expectations, attendance responsibilities, equality obligations, complaints-handling requirements, data protection rules, health and safety duties and leadership accountability. A school may have many policies in place, but if they are outdated, difficult to find, poorly understood or disconnected from training and evidence, they can create avoidable risk.

In this blog, Lewis Normoyle explains what school policies and procedures should cover, why they matter, what leaders should do in practice, and how ComplyPlus™ Software can help schools strengthen policy control, workforce assurance and governance oversight. ComplyPlus™ is a compliance management platform developed by Learn Pac Systems, the parent company of The Mandatory Training Group. It supports regulated organisations with training, policies, procedures, governance, evidence management and inspection readiness.

What are the policies and procedures for schools?

School policies are formal statements that explain the school's principles, rules, responsibilities and expectations. Procedures are the practical steps that show how to apply those expectations in real situations.

In a well-run school, policies and procedures help staff understand what must happen, who is responsible, what records should be kept, when concerns must be escalated, and how the school will respond consistently. They support safer practice, regulatory compliance, staff confidence, parental trust and leadership accountability.

A strong school policy framework usually covers safeguarding, child protection, staff conduct, safer recruitment, behaviour, attendance, complaints, Special Educational Needs and Disabilities (SEND), equality, health and safety, first aid, risk assessment, data protection, online safety, educational visits, governance, curriculum-related duties and workforce management.

The exact policy set depends on the type of school. A maintained school, academy, independent school, special school, alternative provision setting or boarding school may have different requirements, structures and oversight arrangements. However, the core principle is the same: Policies should be current, setting-specific, accessible, understood and evidenced.

For a wider explanation of how policies differ from procedures, protocols and guidelines, see our guide to policy terminology and governance.

Why do school policies and procedures matter?

School policies and procedures matter because they shape how the school protects children, manages risk, supports staff and demonstrates accountability. They are not the whole of governance, but they are one of the ways governance becomes visible in everyday practice.

They support safeguarding and child protection

Safeguarding is one of the most important areas of school governance. Keeping Children Safe in Education is statutory guidance for schools and colleges in England, and schools must have regard to it when carrying out their duties to safeguard and promote the welfare of children.

A safeguarding policy should not be a generic document. It should explain the school's local reporting routes, the Designated Safeguarding Lead's responsibilities, arrangements for concerns about pupils, allegations against staff, low-level concerns, online safety, information sharing, referrals, record-keeping, and escalation.

They help staff act consistently

Schools are busy, high-trust environments where staff make decisions every day. Clear procedures reduce variation and confusion. They help staff know what to do when a pupil discloses a concern, a parent makes a complaint, a child is absent, behaviour escalates, an accident occurs, a data breach is suspected, or a safeguarding concern needs to be recorded.

They strengthen governance and oversight

Policies help governors, trustees, senior leaders and school managers understand whether legal, regulatory and operational responsibilities are being managed. They also provide an evidence trail for leadership review, staff training, audits, complaints, safeguarding reviews and inspection preparation.

They improve evidence readiness

Good policies are linked to evidence of implementation. This may include staff training records, acknowledgements, risk assessments, incident logs, supervision notes, audit reports, governor minutes, action plans and communication records.

A school that can quickly show the current policy, review history, staff training record and related action trail is better placed to demonstrate that its systems are active, not merely documented.

What legal and regulatory expectations should school policies reflect?

School policies in England should reflect current law, statutory guidance, and regulators' expectations, rather than generic wording copied from outdated templates.

Relevant sources may include the Education Act 2002, Keeping Children Safe in Education, Working Together to Safeguard Children (WTSC), the Equality Act 2010, the United Kingdom General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, health and safety legislation, complaints guidance, attendance guidance, behaviour guidance, SEND duties and the Independent School Standards, where applicable.

The Department for Education (DfE) publishes statutory guidance that schools and local authorities should follow unless there is a good reason not to. Some guidance must be followed without exception. Schools must therefore ensure that policies are reviewed when statutory guidance changes, when internal arrangements change, or when incidents, complaints or audits identify learning.

This blog does not duplicate MTG's broader explainer on Ofsted. For readers who need the wider inspection and regulatory context, our guide to Ofsted's role in inspection and regulation explains that topic separately.

What should school policies and procedures cover?

A strong school policy framework should cover both frontline practice and organisational oversight. The following areas are particularly important.

Safeguarding and child protection

This should cover child protection, safeguarding roles, the Designated Safeguarding Lead, concerns about pupils, allegations against adults, low-level concerns, whistleblowing, online safety, radicalisation, safer information sharing, referrals, record keeping and escalation.

Staff conduct and safer working practice

Schools should have clear expectations for professional conduct, boundaries, communication, physical contact, lone working, social media, the use of images, confidentiality, reporting concerns, and conduct outside school, where relevant.

Safer recruitment and staff suitability

Policies should cover recruitment checks, references, Disclosure and Barring Service checks, right-to-work checks where applicable, identity verification, qualification checks, induction, ongoing suitability, and single central record oversight.

Behaviour, attendance and pupil welfare

Behaviour and attendance policies should explain expectations, support arrangements, interventions, recording, escalation, sanctions, suspension or exclusion where relevant, and how the school promotes a safe and respectful learning environment.

These policies should be practical and joined up. Behaviour, attendance, safeguarding, SEND and pastoral support often overlap in practice, even though they may be set out in separate documents.

SEND, equality and inclusion

Schools need policies that support non-discrimination, accessibility, reasonable adjustments, inclusion, SEND provision, pupil support and partnership with parents, carers and external agencies.

These policies should not be written only as statements of principle. They should help staff understand how inclusive practice is applied, how concerns are escalated, and how support is recorded and reviewed.

Health, safety and risk management

Health and safety procedures should cover risk assessments, fire safety, first aid, accidents, educational visits, premises management, emergency response, reporting routes, maintenance and incident review.

Relevant staff training may include health and safety eLearning, fire safety training, first aid courses and other role-specific learning.

Complaints and communication

Schools should have clear complaints procedures that explain how concerns are raised, acknowledged, investigated, escalated and resolved. Maintained schools and academies have specific complaints-related expectations, and procedures should be published and workable.

A complaints policy is not only about responding to dissatisfaction. It is also a source of organisational learning. Repeated themes may indicate communication gaps, unclear procedures, leadership issues or areas where staff need further support.

Records, confidentiality and data protection

Schools hold sensitive information about pupils, families and staff. Policies should cover confidentiality, lawful information sharing, access controls, retention, secure storage, data breaches, device use, email communication and digital systems.

Information governance is particularly important where safeguarding, SEND, medical needs, parental responsibility or staff conduct issues are involved. Staff need practical guidance, not abstract data protection language.

Online safety and digital conduct

Online safety policies should cover filtering and monitoring, acceptable use, cyberbullying, social media, devices, online communication, safeguarding concerns and staff responsibilities. This should connect to safeguarding, behaviour and information governance rather than sit separately.

Governance, review and workforce assurance

Schools also need policies covering policy review cycles, approvals, governor or trustee oversight, staff induction, continuing professional development, disciplinary processes, grievance procedures, whistleblowing, supervision where relevant, and leadership accountability.

For schools reviewing governance more broadly, our guide to good governance for regulated organisations explains broader governance principles without replacing this school-specific policy article.

What does good school policy governance look like?

Good policy governance is not simply about having the right documents. It means managing the full lifecycle of each policy.

Each policy should have:

• A clear owner

• An approval route

• A review date

• A version history

• A summary of changes

• A staff communication route

• Linked training or briefing where required

• Evidence of staff acknowledgement

• Implementation checks

• An earlier review trigger where risks change.

A strong school should be able to answer: Which policies are current? Which are overdue? Who approved them? What changed? Which staff have acknowledged them? What training is linked to them? What evidence shows they are being implemented?

This is where systems matter. If policies sit in one folder, training records in another platform, safeguarding actions elsewhere and audit findings in spreadsheets, leadership oversight becomes harder. Fragmentation increases the risk that important issues are missed.

How should schools link policies to training and competence?

Policies only work when staff understand and apply them. Reading a policy once is rarely enough, especially for high-risk areas such as safeguarding, first aid, health and safety, data protection, behaviour, attendance, complaints and online safety.

Schools should link policy implementation to:

• Induction and onboarding

• Mandatory safeguarding updates

• Role-specific training

• Staff briefings

• Governor or trustee awareness

• Scenario-based learning

• Supervision or line management

• Audit findings

• Incident and complaint reviews

• Continuing professional development.

For example, a safeguarding policy should be reinforced through training, briefings, reporting practice and case discussion. A complaints procedure should be understood by office staff, leaders and governors. A data protection policy should be supported by practical training on records, emails, devices and breaches.

Schools and colleges reviewing staff development can explore CPD-accredited online courses for schools and colleges and for CPD accredited online courses. The Mandatory Training Group's CPD provision is also reflected on its CPD Certification Service provider profile.

How does ComplyPlus™ Software help with school policies and procedures?

ComplyPlus™ Software helps schools move from fragmented document storage towards a connected compliance and governance model. Developed by Learn Pac Systems, the parent company of The Mandatory Training Group, ComplyPlus™ brings training, policy management, compliance records, governance evidence and reporting into one platform.

For schools, ComplyPlus™ can support:

• Centralised policy and procedure management

• Version control and document ownership

• Policy review cycles and reminders

• Staff access to current documents

• Staff acknowledgement records

• Training and compliance evidence

• Audit trails and action tracking

• Links between policies, learning and governance records

• Stronger evidence readiness for leadership and inspection review.

The practical value is not just digital storage. It is better control, clearer oversight and more reliable evidence. A system such as ComplyPlus™ helps school leaders move from "we have the policy somewhere" to "we can show the current version, who has acknowledged it, what training supports it, and what actions are linked to it".

Schools reviewing their policy framework can explore ComplyPlus™ policies and procedures, wider regulatory compliance management software and ComplyPlus™ support for Ofsted-regulated providers. Where policy implementation depends on workforce training, a connected learning management system can also support assignment, tracking and reporting.

Common weaknesses in school policy systems

Strong policy systems help schools maintain clear oversight, consistent practice and reliable evidence across key areas of responsibility.

Over-reliance on templates

Templates can save time, but they must be adapted. A policy should reflect the school’s phase, governance structure, staff roles, pupil needs, local safeguarding arrangements and operational risks.

Poor version control

If outdated policies remain in shared folders or staff rely on different versions, consistency is weakened. Version control is a governance issue, not just an administrative task.

Weak implementation

A policy that staff cannot explain or apply is not effective. Schools should test understanding through training, briefings, audits and case reviews.

Fragmented evidence

Policies, training records, action plans, complaints and incident logs often sit in separate systems. This makes oversight harder and weakens evidence readiness.

Review by date only

A review date is useful, but policies should also be reviewed when evidence indicates a need for change. Incidents, complaints, safeguarding concerns, legal changes, inspection findings and internal audits should trigger review where appropriate.

Lack of governor or trustee visibility

Policy review should not be hidden in administration. Governors, trustees and senior leaders need enough visibility to understand whether key policies are current, implemented and linked to risk management.

What should schools do in practice?

A practical six-step approach works well.

1. Audit the current policy framework

Review what policies exist, what is missing, what overlaps, what is outdated and who owns each document.

2. Prioritise high-risk policies

Start with safeguarding, child protection, staff conduct, safer recruitment, complaints, health and safety, first aid, attendance, behaviour, data protection and governance.

3. Tailor policies to the school’s context

Make sure policies reflect the school’s phase, setting, pupils, staff structure, governance arrangements and local risks.

4. Link policies to training

Ensure key policies are reinforced through induction, CPD, staff briefings, role-specific training and leadership oversight.

5. Test implementation

Use audits, spot checks, safeguarding reviews, complaints analysis, governor questions and leadership monitoring to test whether policies work in practice.

6. Keep evidence accessible

Maintain a clear audit trail that shows current policies, review dates, approvals, staff acknowledgements, training evidence, and improvement actions.

FAQs about policies and procedures for schools

Below are some of the most frequently asked questions and answers regarding school policies and procedures.

What are school policies and procedures?

They are written rules and practical steps that help schools operate safely, lawfully and consistently. Policies set expectations; procedures explain how those expectations are carried out.

Why are policies and procedures important in schools?

They support safeguarding, legal compliance, staff clarity, parental confidence, governance oversight and safer learning environments.

What policies must schools have?

Requirements vary by school type, but core areas usually include safeguarding, behaviour, attendance, complaints, health and safety, data protection, equality, SEND and staff conduct.

Do schools have to follow Keeping Children Safe in Education?

Yes. Schools and colleges in England must have regard to Keeping Children Safe in Education when carrying out safeguarding duties.

Do schools need a complaints procedure?

Yes. Maintained schools, academies and independent schools need complaints procedures that reflect the relevant legal and governance requirements.

How often should school policies be reviewed?

Policies should be reviewed regularly and sooner when law, guidance, risks, incidents, complaints, inspection findings or organisational changes require updates.

Should schools rely only on policy templates?

No. Templates can help, but they must be adapted to the school’s context, pupils, governance structure, staffing model and risks.

How do policies link to staff training?

Policies set expectations. Training, induction, briefings and CPD help staff understand how to apply them in real situations.

What is one of the biggest policy governance risks for schools?

Fragmentation. When policies, training records, incidents, complaints, and action plans reside in separate systems, oversight weakens.

How can ComplyPlus™ Software help schools?

ComplyPlus™ helps schools manage policies, procedures, version control, training evidence, audit trails and governance records in a more connected system.

School policy governance: Key themes and outcomes

Conclusion

Policies and procedures for schools are not simply formal requirements. They are part of how schools safeguard children, manage risk, support staff and demonstrate that the organisation is well-led.

When policies are current, tailored, understood and properly governed, they support safer practice, clearer accountability and stronger evidence readiness. When they are outdated, fragmented or disconnected from training, they create avoidable risk.

For school leaders, the key question is not whether policies exist. It is whether the school has a system that keeps them relevant, accessible, implemented and defensible.

Strengthen school policy governance with ComplyPlus™ Software

If you are reviewing your school's policy framework, explore ComplyPlus™ policies and procedures, CPD-accredited online courses for schools and colleges and the wider ComplyPlus™ compliance management platform.

You can also contact our team to discuss your school policies, procedures, governance and workforce assurance requirements.

Disclaimer: The information on this page is provided for general guidance only and should not be treated as legal, professional or regulatory advice. While we aim to keep content accurate and up to date, requirements may change and may vary depending on individual circumstances. Organisations should seek appropriate professional advice before acting on the information provided.