Policy Enforcement
The Policy enforcement module is a core governance tool designed to automatically ensure compliance and security across your Google environment. It allows administrators to define and enforce rules that control settings, sharing, and permissions on Google Drives and other services.
The module operates with two distinct policy types, each suited for different scenarios:
- **Automatic policies** – Proactive, scheduled policies that continuously monitor a pre-defined data scope. They automatically run on a schedule to detect violations without manual intervention.
- **On-demand policies** – Reactive, manual policies without a fixed scope or schedule. They are explicitly run by an administrator against specific targets in the **Administration** module, such as an individual shared drive, for one-time spot checks.
Once a violation is detected by the policies, the following operations are available:
- **Automatic** **fix**: The system will execute a pre-configured action to resolve the violation without human input.
- **Reporting**: The violation and its details will be displayed in the [Violation Report](#missing-link). Administrators can then manually investigate and decide on the next steps.
- **Approval** **process**: The violation is sent through a configurable system-level approval workflow. Stage approvers can then review the details in the system and manually decide the follow-up actions.
To create policies and review violations, click Policy enforcement on the left navigation and then refer to the following sections.
