policies

The Policy module defines and enforces governance controls across applications and application users.

Policies operate within Identity Governance & Administration and are also available in the SaaS Management view. Governance logic remains consistent across both modules, ensuring uniform enforcement for access controls, application posture, and SaaS environments.

A policy evaluates configured conditions against selected entities. When those conditions evaluate as true, the system generates violations and, if enforcement is enabled, initiates remediation workflows. Each evaluation is recorded for monitoring and audit purposes.

Policies operate in one of two modes:

• Monitor records violations without applying corrective action.
• Enforce records violations and executes the configured remediation playbook.

Execution occurs based on configured triggers. A policy can run:

• In response to system events
• On a defined schedule
• Through manual execution

This execution flow ensures continuous evaluation while maintaining operational control over enforcement behavior.