Policies are rules governing choices in the behaviour of the system. There are two basic types supported by the current implementation: Obligation Policies and Authorisation Policies.
Obligation Policies, also known as Event Condition Action rules must perform certain actions when certain events occur.
Authorisation Policies permit or deny actions based upon the action, the source of the action and the target of the action.
Policies are dynamic, they may be changed at any time by loading, enabling and disabling without stopping the system. Policies may be specified for groups of managed Objects, often before the objects themselves are instantiated. Full documentation about the different types of policies may be found by following the links above.