There is a particular kind of marketing copy you see on Australian compliance template stores. It always claims a number. "Over 200 ready-to-use PDF templates." "450+ HR documents." "Built by ex-WorkSafe inspectors." The implication is that compliance is a content problem — a matter of having enough paper in a folder to wave at an auditor.
It isn't. And anyone who has actually sat through an incident investigation, an insurer audit, or a tier-one head contractor's pre-qualification process knows it isn't. They aren't asking how many documents you've downloaded. They're asking three questions, in order, and they ask them in plain English.
What auditors actually ask
The first question is show me the document that covers this specific risk on this specific job. Not a generic WHS Policy. The Safe Work Method Statement for working at heights on the residential build at 14 Carlisle Street. Dated. Signed by every person on the crew. Aligned to the actual control measures you used.
The second question is who is responsible for this control, and how do you know they did the thing the document says they would do? This is where templates fall apart. A downloaded SWMS for "working at heights" assumes a competent person, names no responsibility, and has no register linking back to a daily prestart record. Auditors ask for the chain. The PDF is one link. There are five more.
The third question is when did this document last change, and why? The Model WHS Regulations are amended on a rolling basis. The NSW Code of Practice for Construction Work updated in March 2024. The federal Privacy Act reforms passed in late 2024 changed the obligations of any business handling personal information. A template downloaded in 2022 and stored in a Dropbox folder is, by any reasonable definition, out of date. The fact that it has 47 footnotes and a ten-page table of contents doesn't change that.
The marketplace problem
The reason template marketplaces are popular isn't that operators are lazy. It's that they're stuck. The genuine alternative — a $5,000 law firm engagement — isn't available to a sole-trader plumber, a three-person cafe, or a regional clinic. So they buy a folder of PDFs, pay $199 once, file them somewhere, and hope.
The marketplace knows this. Read their disclaimers. "Templates are general in nature and should be reviewed and adapted by a competent person within your business prior to use." That's the entire point. The work hasn't been done. It has been deferred to you, who bought a template precisely because you didn't know what to write.
What a policy actually is
A compliance policy is the rule. The procedure is the steps to apply the rule. The register is the evidence the steps were followed. The training record is the proof the people doing the steps know how. The notification flow is what happens when something breaks. None of those are documents you can download in a zip. They have to be written for your business — your jurisdiction, your headcount, your services, the hazards you actually face.
That's the work. Templates skip it. We don't.
What we do differently
PolicyPack writes every document against your specific industry, your specific state, and the high-risk activities you specifically perform. Every clause cites the Act or Regulation it comes from. The hazard register is prefilled with the controls relevant to the work you described. The incident notification flow lists your state regulator and your notification thresholds, not a generic "contact your local WorkSafe."
If a tier-one builder asks for the SWMS that covers excavation on their site, you can hand them a document with the project address, the crew names, the WHS Regulation references, and a control set that matches the work. That's a policy. Two hundred PDFs in a folder is not.
The honest test
There's a simple way to test whether what you have is a compliance system or just a folder of paper. Pick one document. Then pick one employee. Ask the employee to find it, read it, and tell you what they're supposed to do differently because of it. If they can't, the document is decoration.
Compliance is operational. It belongs in your day-to-day, not in a Dropbox. Templates are the wrong shape for that work, no matter how many of them you stack on top of each other.
This is the gap PolicyPack was built to close.