Free Word download β’ Edit online β’ Save & share with Drive β’ Export to PDF
A Purchasing Policy is an internal governance document that defines how an organization buys goods and services β setting out the procedures employees must follow to request a purchase, the dollar thresholds that determine who must approve it, the rules for obtaining competitive quotes, the conditions under which a single vendor may be selected without competition, and the ethics standards that govern vendor relationships. Unlike a purchase order or requisition form, the purchasing policy is the foundational rulebook that explains when those documents are required and what authority sits behind them.
Without a written purchasing policy, spending authority defaults to informal norms: whoever asks loudest gets approved, thresholds exist only in the CFO's head, and the first audit uncovers a pattern of split transactions, unapproved vendors, and undisclosed vendor relationships. The consequences are concrete β budget overruns that trace back to dozens of uncontrolled small purchases, vendors paid without valid W-9s or insurance certificates on file, and procurement decisions that cannot withstand scrutiny from an auditor, a lender, or a grant funder. A purchasing policy closes these gaps by creating a documented, enforceable process that applies consistently regardless of who is making the buying decision. This template gives you a structured starting point you can adapt to your organization's approval hierarchy and distribute to staff in under a day.
| If your situation is⦠| Use this template |
|---|---|
| High-volume or multi-entity organization needing end-to-end sourcing controls | Procurement Policy |
| Documenting how staff submit and track spend requests | Purchase Requisition Form |
| Authorizing a specific purchase or order from a vendor | Purchase Order |
| Evaluating and scoring competing vendor proposals | Request for Proposal (RFP) |
| Tracking approved vendors and contract terms in one register | Vendor Management Policy |
| Setting rules for employee out-of-pocket business expenses | Expense Reimbursement Policy |
| Governing travel bookings and per diem alongside purchases | Travel and Expense Policy |
Why it matters: Without it, a $15,000 purchase gets processed as three $5,000 orders to stay below the CFO-approval threshold β a textbook audit finding that signals weak internal controls.
Fix: Add explicit language: 'Purchases that are part of a single project or initiative may not be divided into smaller transactions to avoid a higher approval tier.'
Why it matters: A threshold of $5,000 or above leaves the majority of transactions β including many recurring subscriptions and services β completely outside the approval workflow.
Fix: Set the requisition threshold at a level that captures at least 70% of transaction volume by count, not by dollar value, so the process governs frequency as well as magnitude.
Why it matters: Teams quickly learn to frame avoidable last-minute needs as emergencies, effectively making the competitive bidding requirement optional for anyone willing to wait until the deadline.
Fix: Limit sole-source justifications to technical uniqueness, proprietary compatibility, or genuine unforeseen emergencies β and require the approver to document why earlier planning was not feasible.
Why it matters: Purchasing from an unapproved vendor bypasses insurance verification, tax documentation, and payment detail validation β exposing the organization to fraud, uninsured liability, and IRS reporting failures.
Fix: Make approved-vendor-list membership a hard prerequisite for PO issuance, and build a fast-track onboarding lane (48 hours) for genuinely urgent new vendor situations.
Enter the organization's legal name, list any entities or locations covered, name any spend categories explicitly excluded (e.g., payroll, capital leases), and set the effective date.
π‘ Review existing finance policies before finalizing scope β gaps between the purchasing policy and the expense reimbursement policy are where unauthorized spend hides.
Name the policy owner (typically the CFO or procurement manager), list each approver role by title, and designate a backup for each so the process does not stall when someone is out.
π‘ Use role titles, not personal names β policies should survive staff turnover without requiring a revision.
Define three to five spending tiers and assign a minimum approver level to each. Add explicit anti-splitting language prohibiting the division of a single purchase into smaller transactions to circumvent a higher tier.
π‘ Benchmark tiers against your typical transaction sizes β if 80% of purchases fall below Tier 1, the threshold is too high to provide meaningful control.
Set the dollar amount that triggers the three-quote requirement and the higher amount that requires a formal RFP. Specify how quotes must be documented and how long records must be retained.
π‘ Set the three-quote threshold at roughly 5β10% of your annual operating budget β low enough to catch meaningful spend, high enough that staff aren't gathering quotes for a $200 office supply order.
List the specific, narrow grounds that justify bypassing competition and name the form and approver required. Exclude 'time pressure due to late planning' as a valid justification.
π‘ Require the sole-source form to be submitted before the PO is issued β not after. Retroactive justifications signal a process that exists on paper only.
List the documents a new vendor must provide (W-9, proof of insurance, bank details) and the threshold above which enhanced due diligence applies. State that no PO may be issued to a vendor not on the approved list.
π‘ Build a simple approved vendor list in a shared spreadsheet or your accounting system β it reduces onboarding delays and gives auditors a clean record.
Enter the maximum gift or entertainment value employees may accept from vendors, name the disclosure procedure for conflicts of interest, and identify the HR or compliance contact who receives disclosures.
π‘ A $0 threshold sounds principled but creates compliance fatigue β a $25β$50 incidental threshold is widely used and easier to enforce consistently.
Send the finalized policy to all staff with purchasing or approval responsibilities and collect a signed acknowledgment. Store signed copies in your HR or compliance system.
π‘ Schedule a calendar reminder to review the policy annually β approval thresholds that made sense at 20 employees are often too restrictive or too permissive at 100.
A purchasing policy is an internal governance document that defines how an organization buys goods and services. It sets the procedures employees must follow to request a purchase, the dollar thresholds that trigger different levels of approval, the rules for obtaining competitive quotes, and the ethics standards that govern vendor relationships. It exists to prevent unauthorized spending, reduce fraud risk, and ensure the organization gets fair value for its money.
The terms are often used interchangeably, but a procurement policy typically covers the full sourcing lifecycle β supplier strategy, category management, contract lifecycle, and supplier performance β while a purchasing policy focuses specifically on the transactional buying process: requisitions, approvals, and vendor selection for individual purchases. For most small and mid-size organizations, a purchasing policy is sufficient. Larger organizations with dedicated sourcing teams often have both.
Most organizations use three to five tiers. A common structure for a mid-size company is: up to $1,000 β department manager; $1,000β$10,000 β director or VP; $10,000β$50,000 β CFO; above $50,000 β CEO or board. The right thresholds depend on your transaction volumes and risk tolerance. The key is that tiers are low enough to capture meaningful spend and that anti-splitting rules prevent gaming.
Most purchasing policies require a minimum of three written quotes for purchases above a defined threshold β commonly $2,500β$5,000 β and a formal RFP process for larger purchases, often above $25,000β$50,000. The exact thresholds should reflect the organization's size and the volume of purchases at each level. Sole-source exceptions should be allowed only for technically justified situations, not for convenience.
A sole-source justification is a written document explaining why a purchase is being made from a single vendor without competitive bidding. Valid grounds typically include: only one supplier is technically capable of meeting the requirement, the purchase must be compatible with existing proprietary systems, or a genuine emergency prevents a competitive process. The justification should be completed and approved before the purchase order is issued, not after.
Yes. An ethics section is essential because employees involved in vendor selection are regularly offered gifts, meals, and entertainment. Without clear rules β including a defined dollar threshold and a mandatory disclosure process for conflicts of interest β the organization is exposed to undisclosed vendor relationships that compromise the integrity of purchasing decisions and create legal liability. Most organizations set a gift acceptance limit of $25β$50 per vendor per year.
Review the policy at least once a year, and trigger an off-cycle review any time the organization undergoes significant growth, an audit identifies control gaps, or the approval hierarchy changes materially. Approval thresholds that were appropriate for a 20-person company are typically too high or too low by the time the company reaches 100 people.
The CFO or finance director typically owns the policy and approves the final version. For organizations with a board or audit committee, the policy should be presented for board awareness or formal approval β especially if it governs expenditures above a threshold that would otherwise require board sign-off. All employees with purchasing or approval responsibilities should sign an acknowledgment confirming they have read and understood the policy.
Yes β the template is designed to scale down as well as up. A 5β20 person company can simplify the approval tiers to two levels (staff and owner), skip the formal RFP process, and set a low sole-source threshold. The value for small businesses is having any written policy at all: it creates a paper trail, signals financial controls to lenders and investors, and prevents the informal buying habits that cause budget overruns as teams grow.
A purchase requisition form is the transactional document an employee submits to initiate a specific purchase. A purchasing policy is the governance framework that defines when a form is required, who approves it, and what rules apply. The form implements the policy β the policy explains the rules the form enforces.
A purchase order is the external commercial document sent to a vendor to authorize a specific transaction. A purchasing policy is the internal governance document that determines when a PO is required, who can issue one, and what spending limits apply. The policy controls whether and how a PO gets created.
An expense reimbursement policy governs out-of-pocket spending by employees who pay personally and then claim reimbursement β typically for travel, meals, and incidentals. A purchasing policy governs direct organizational spending through requisitions, POs, and vendor contracts. Both are needed; they cover distinct spending channels.
A vendor agreement is the bilateral contract between the organization and a specific supplier that governs price, delivery, warranties, and liability for an ongoing relationship. A purchasing policy is the unilateral internal document that sets the rules employees must follow before they can engage any vendor and sign any agreement.
Subcontractor and freelancer engagements require purchasing controls alongside standard vendor rules to avoid misclassification and unapproved commitments.
Grant funders and government contracts frequently require documented procurement policies as a condition of funding, with specific competitive bidding thresholds.
Raw material and component sourcing involves high transaction volumes and preferred-supplier agreements that must be reflected in the policy's vendor and contract sections.
Medical device and pharmaceutical purchases involve regulatory compliance requirements, vendor credentialing, and ethics rules that are stricter than general commercial standards.
High-frequency inventory purchasing and drop-ship supplier arrangements require streamlined requisition workflows and clear PO authority at the buyer level.
Software subscriptions and cloud services often auto-renew, making contract authority and renewal-approval rules particularly important to prevent unauthorized spend creep.
| Path | Best for | Cost | Time |
|---|---|---|---|
| Use the template | Small and mid-size organizations formalizing purchasing controls for the first time | Free | 2β4 hours to customize and distribute |
| Template + professional review | Organizations subject to audit, grant compliance requirements, or with approval hierarchies above three tiers | $300β$800 for a CFO or compliance consultant review | 3β5 business days |
| Custom drafted | Large enterprises, government contractors, or organizations with complex multi-entity or multi-currency procurement operations | $2,000β$8,000 for a procurement consultant or internal audit engagement | 3β6 weeks |
This document is one of 3,000+ business & legal templates included in Business in a Box.
Access over 3,000+ business and legal templates for any business task, project or initiative.
Customize your ready-made business document template and save it in the cloud.
Share your files and folders with your team. Create a space of seamless collaboration.
"Fantastic value! I'm not sure how I'd do without it. It's worth its weight in gold and paid back for itself many times."
"I have been using Business in a Box for years. It has been the most useful source of templates I have encountered. I recommend it to anyone."
"It has been a life saver so many times I have lost count. Business in a Box has saved me so much time and as you know, time is money."
Stop downloading documents. Start operating with clarity. Business in a Box gives you the Business Operating System used by over 250,000 companies worldwide to structure, run, and grow their business.
Free Forever PlanΒ Β·Β No credit card required
