# Company-Wide Policies

Set policies once at the company level and every employee follows them automatically, no matter how many you hire.

Individual employee settings do not scale. Company-wide policies do. Set a policy once and it applies to every employee across your organization. New hires inherit the same rules from day one. No per-employee configuration, no missed settings, no inconsistency.

The policies dashboard shows every active rule in one place: PII detection settings, content safety filters, execution limits, approval requirements, and custom business rules. Enable, disable, or modify any policy and the change propagates to your entire workforce immediately. If you tighten content safety standards on Tuesday, every employee follows the stricter rules on Wednesday.

Custom business policies handle the rules specific to your company. "Never discuss pricing below tier 2 with unqualified leads." "Always include a legal disclaimer in financial content." "Escalate any request mentioning litigation to the human legal team." These rules are written in plain language, and your AI workforce follows them as strictly as the built-in safety filters.

## Security Rules That Apply to Every AI Employee, Automatically

When you hire a new employee, the last thing you want is to manually configure their security settings from scratch. Company-Wide Security Policies let you define rules once at the workspace level and have them apply to every AI employee you hire, including ones you have not created yet.

These policies cover the full safety stack: content rules, PII handling, approval requirements, execution limits, and access restrictions. Setting them at the company level means there is no way for an individual employee configuration to fall below your baseline. Every agent in your workforce operates within the same security envelope.

## Centralized Control for Compliance and Governance

For organizations in regulated industries, demonstrating that all AI systems operate under consistent policies is a compliance requirement, not just a best practice. Company-Wide Security Policies give you a single place to define, review, and audit those policies. When an auditor asks how you govern your AI workforce, you point to one configuration.

Policies can be locked so individual employees cannot override them, or set as defaults that team leads can adjust within bounds. This lets you enforce hard limits (no agent ever sends external emails without approval) while allowing team-specific customization within those limits.

Policy change history is logged with timestamps and the identity of who made each change. This creates an immutable audit trail showing that your AI governance configuration was intentional, reviewed, and tracked over time.

## Future-Proof Governance as Your AI Workforce Grows

The real value of company-wide policies becomes clear when your workforce scales. At five AI employees, manual configuration is manageable. At fifty, it is not. Company-Wide Security Policies mean that hiring new agents never creates a governance gap. The rules are already in place before the agent's first task.

As your policies evolve, updates propagate to all current employees immediately. You do not need to revisit each employee's settings manually or run a migration job. This makes it practical to tighten your security posture over time as you learn more about how your agents operate in production.

## Use Cases

### CEO sets communication rules for all AI employees

A company-wide policy defines how AI agents communicate with customers, ensuring every employee follows the same tone, escalation path, and approval rules.

### Legal team enforces data handling rules across all agents

One policy document defines what data AI employees can store, share, and process. Every agent in the workforce follows it automatically.

### HR team defines conduct standards for AI workforce

Company conduct policies are applied to all AI employees at once, ensuring consistent behavior across every department and workflow.

### Security team applies access control rules globally

A security policy restricts which external systems AI agents can call, which files they can access, and which actions require human approval, applied org-wide.

## Comparison

| Before | After |
|---|---|
| Each AI employee is configured separately, rules drift over time. | Company policies apply to the entire workforce from one place. |
| Enforcing a new rule means updating every agent one by one. | Change a company policy and every AI employee follows it immediately. |
| Policy compliance is checked manually in audits. | Policies are enforced automatically on every agent action. |
| New AI employees don't inherit the company's rules automatically. | Every new hire inherits company policies from day one. |

## FAQ

### Can individual employees have different policies than the company default?

Yes, within bounds you define. Company policies can be set as hard floors (no override) or as adjustable defaults (team leads can modify within specified ranges). This lets you enforce non-negotiable rules while giving teams flexibility for their specific workflows.

### Do company policies apply to agents hired via API?

Yes. Agents created programmatically through the REST API inherit all company-wide policies at hire, the same as agents created through the UI. There is no way to bypass company policies during agent creation.

### Who can change company-wide policies?

By default, only workspace owners and admins can modify company-wide policies. You can configure additional roles with policy edit access through workspace settings.

### What is the difference between company policies and employee-level settings?

Company policies set the baseline that all employees must meet. Employee-level settings let you customize behavior within that baseline. Think of company policies as the rulebook and employee settings as the playbook for each role.

### Can I enforce the same rules across every AI agent in my organization?

Yes, company-wide policies let you define rules once at the org level and have them apply automatically to every AI employee. Individual employee settings cannot override company policies, so compliance is consistent across your entire workforce.

> I wrote our compliance policy once at the company level. Every agent we hire since then follows it automatically. I have not had to touch individual agent settings for compliance in months.
> — Adaeze O., Chief Compliance Officer · regulated industry