Skip to main content
DraftIndicative placeholder for the section owner — amend, replace, or confirm as the first definitive version.

Doc owner: COS

Enterprise Policy Domain

Long-form meaning and scope

Enterprise policies cover company-wide baselines that apply across all functions and domains. These are the foundational constraints that every part of Allied must satisfy.

Scope boundaries

  • Quality — Quality management system (QMS) baselines, quality expectations
  • Safety — Safety management system (SMS), workplace safety, product safety baselines
  • Risk — Enterprise risk management, risk appetite, escalation
  • Compliance — Regulatory adherence, audit readiness, certification, control evidence
  • Governance — Document control, change management, approval authorities
  • Cross-cutting controls — Policies that span multiple functions (e.g. ISO 9001, ISO 27001 mapping)

What belongs here

  • POL-ENT-xxx policies
  • Company-wide quality, safety, risk, governance baselines
  • Document control policy
  • Change management policy (organisational, not engineering change)

What does not belong here

  • Engineering-specific configuration management (→ engineering/)
  • Production-specific supplier quality (→ production/)
  • Digital-specific access control (→ digital/)
  • People-specific conduct (→ people/)
  • ISO 9001
  • ISO 27001 (where enterprise-wide)
  • UK MOD / defence governance expectations