How can I edit an out-of-the-box policy?
Unlike custom policies, out-of-the-box policies can be configured but not edited. This means that only certain settings are modifiable.
To configure an out-of-the-box policy, follow the steps presented below:
Step 1: Edit Policy Box
- Go to “SETTINGS > Playbooks
- Click “See details” on the policy you want to edit (Policy Box)
- Click “Edit”
Step 2: Configuration
This will take you to the configuration settings specific to the policy, which may include options to enable an approval Workflow, perform a specific management action, configure a trigger, and more.
Policy settings
Enterprise / Professional offerings
Find out more about the Playbook roles required to manage these settings.
The following settings apply to all out-of-the-box policies:
- Enable policy: this prompts reporting on the number of identified issues (matched items). This setting is enabled by default, but you can disable it if you want to remove the policy from your Playbook. However, note that disabling a policy can affect the results of your Playbooks and Governance Center.
By default, all CoreView's out-of-the-box policies are enabled but with Workflow disabled and not displayed to operators.
- Threshold: this enables you to set what value will flag a policy as requiring attention. For instance, if you have a policy that identifies inactive users with an E5 license, you might choose to flag the policy as requiring attention when there are 50 inactive licenses.
Remediation settings
These settings vary across different out-of-the-box policies:
- Enable remediation: this executes the associated Workflow that resolves the detected issues. You can configure certain aspects, such as setting an automated schedule for the remediation process or triggering it manually. Each out-of-the-box policy is configured to initiate either manual or automatic remediation actions.
- Schedule remediation: you can schedule remediation on a daily, weekly, or monthly basis, and for certain event types, it's possible to schedule the remediation for manual or immediate remediation.
For example, if a user with a weak password is identified, the remediation action could immediately trigger a password reset Workflow. Additionally, some policies may not have automation, but the operator can manually run the remediation when needed.
Discover the comprehensive list of all editable remediation settings in the Out-of-the-box Playbook Library section.