CQC policies and procedures: the complete guide
By Cura Compliance UK · Updated 3 July 2026
CQC policies and procedures are the written rules that set out how a care service delivers safe, effective, caring, responsive and well-led care. Every CQC-registered provider must have them, keep them current, and be able to show staff follow them. They are the backbone of the evidence the Care Quality Commission reviews at inspection.
What are CQC policies and procedures?
A policy states what your service does and why; a procedure sets out how staff do it in practice. Together they translate regulations — the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014 — into day-to-day working instructions. The CQC does not publish a fixed list of mandatory policies, but it does expect the arrangements those policies describe to exist and to be followed.
In other words, inspectors are not ticking off document titles. They are checking that what your policy promises is what actually happens on the ground, and that staff, people using the service and records all tell the same story.
Which policies does a CQC-registered service need?
The exact set depends on your regulated activity and client group, but almost every adult social care provider needs policies covering these areas:
- Safeguarding adults (and children where relevant) and whistleblowing
- Safe recruitment, DBS checks and staff induction
- Medicines management (administration, storage, errors)
- Infection prevention and control
- Health and safety, including lone working and moving and handling
- Person-centred care planning and consent / mental capacity (MCA and DoLS)
- Dignity, equality, diversity and human rights
- Complaints, compliments and duty of candour
- Governance, audit and record keeping (including data protection)
- Business continuity and emergency planning
How policies map to the CQC quality statements
Under the single assessment framework the CQC assesses services against 34 quality statements grouped under the five key questions — safe, effective, caring, responsive and well-led. Your policies provide much of the documentary evidence for these statements. For example, your safeguarding policy underpins the "safeguarding" quality statement, while your audit and oversight arrangements evidence the "governance, management and sustainability" statement under well-led.
The strongest evidence is not the policy alone but the chain from policy to practice: a current policy, staff trained on it, records showing it is applied, and audits that catch and fix lapses. See how to prepare for a CQC inspection for how inspectors test that chain, cross-checking your documents against what staff say and what records show.
Keeping policies inspection-ready
Out-of-date policies are one of the most common and most avoidable findings. A policy that still cites superseded guidance, names a manager who left two years ago, or was last reviewed outside your stated review cycle signals weak governance — exactly what the well-led key question probes.
- Give every policy a version number, an owner, a review date and a next-review date
- Review on a set cycle (annually as a minimum) and whenever law or guidance changes
- Record that staff have read and understood each policy — an acknowledgement log is your evidence
- Keep a single controlled copy so there is never doubt about which version is current
Templates versus writing your own
Writing every policy from scratch is slow and easy to get wrong; generic free templates are often unbranded, unmapped to the regulations and quickly stale. A maintained, regulator-aligned policy library gives you the best of both: a complete set you can adopt immediately, personalised with your organisation's details, and kept current as the rules change. Weigh the options in care policy templates vs building your own.
How CuraFlow helps
CuraFlow gives CQC-registered providers a complete, version-controlled policy library mapped to the quality statements, auto-filled with your company details, with staff acknowledgement tracking and Word and PDF downloads. When a policy is updated you are notified, so your set stays inspection-ready without manual chasing. See pricing and free samples or browse a library by service type in the policy catalogue.
Frequently asked questions
- Does the CQC provide a list of required policies?
- No. The CQC does not publish a mandatory policy list. It expects the arrangements described by policies — for safeguarding, medicines, recruitment, governance and so on — to be in place, current and followed in practice, and it reviews the evidence against the 34 quality statements.
- How often should CQC policies be reviewed?
- Review each policy on a set cycle — annually as a minimum — and additionally whenever the underpinning law or national guidance changes. Record the review date, version and next-review date so you can evidence a controlled review cycle at inspection.
- Are free CQC policy templates good enough?
- Free templates can be a starting point but are often generic, not mapped to the regulations or quality statements, and quickly out of date. For inspection you need policies that are current, personalised to your service and demonstrably followed by staff.
- What happens if my policies are out of date at inspection?
- Out-of-date or unfollowed policies are commonly cited under the well-led key question as weak governance. It can contribute to a lower rating and to requirement or enforcement actions, so keeping policies current and evidencing that staff apply them matters.
- Do staff need to sign that they have read each policy?
- Yes — recording that staff have read and understood relevant policies is key evidence that your written procedures are actually applied. An acknowledgement log linking each staff member to the policy versions they have accepted is the simplest way to prove it.
Ready-to-use, regulator-aligned policies for your service
Browse the domiciliary care policy library