Governance & Policies
Manage your policy register, generate missing policies, fix flagged documents, and maintain your governance posture.
-
Understanding the coverage framework
The coverage framework is a structured list of governance areas your organisation should have in place — such as MFA policies, backup procedures, acceptable use policies, and data handling practices. Each area can be confirmed, assigned to a responsible person, and supported with evidence.
-
Using the Policy Builder
The Policy Builder creates structured, audit-ready policy documents by asking you targeted questions about your organisation. Unlike uploaded documents, generated policies follow a consistent format, are quality-assured, and automatically create recurring compliance tasks where relevant.
-
Understanding policy quality checks
Cleverer automatically checks uploaded policy documents against the concepts expected for that document type. Each document receives a quality status: "Audit risk" (critical concepts missing), "Not suitable" (document too short or fragmented), "Not readable" (format not supported), or "Needs review" (some gaps detected).
-
Fixing flagged policies
When a policy document is flagged as "Audit risk", "Not suitable", "Not readable", or "Needs review", the "Fix this with Cleverer" button appears beside it. This opens the Policy Builder to create a structured replacement for that specific document.
-
Generating missing policies
The "Generate missing policies" button on the Governance tab identifies required policy types that your organisation does not yet have and lets you create them in bulk using the Policy Builder. Required policies include Incident Response, Backup & Recovery, Privacy & Data Handling, and Access Control.
-
Adopting a policy
Generated policies start as drafts. Adoption is the formal step where you confirm a policy is ready to be your organisation's current document. Once adopted, the policy counts toward your governance score and its status changes to "Current".
-
Uploading policy documents
You can upload your own policy documents (PDF, Word) to the governance register. Uploaded documents are quality-checked automatically against the expected content for their document type.
-
Reviewing control coverage
The control coverage summary on your dashboard shows the status of each governance area at a glance: Covered, Partial, Expiring, Gap, or Not Established. This gives you a quick view of your governance posture.
