DraftIndicative placeholder for the section owner — amend, replace, or confirm as the first definitive version.
Doc owner: COS
Enterprise Policy Domain
Long-form meaning and scope
Enterprise policies cover company-wide baselines that apply across all functions and domains. These are the foundational constraints that every part of Allied must satisfy.
Scope boundaries
- Quality — Quality management system (QMS) baselines, quality expectations
- Safety — Safety management system (SMS), workplace safety, product safety baselines
- Risk — Enterprise risk management, risk appetite, escalation
- Compliance — Regulatory adherence, audit readiness, certification, control evidence
- Governance — Document control, change management, approval authorities
- Cross-cutting controls — Policies that span multiple functions (e.g. ISO 9001, ISO 27001 mapping)
What belongs here
- POL-ENT-xxx policies
- Company-wide quality, safety, risk, governance baselines
- Document control policy
- Change management policy (organisational, not engineering change)
What does not belong here
- Engineering-specific configuration management (→ engineering/)
- Production-specific supplier quality (→ production/)
- Digital-specific access control (→ digital/)
- People-specific conduct (→ people/)
Related standards
- ISO 9001
- ISO 27001 (where enterprise-wide)
- UK MOD / defence governance expectations