A policy is simply, An official or prescribed plan or course of action.

A policy itself, provides no compliance and no enforcement.

A provider of the policy is a Policy Information Point.

The digital representation of the Policy is provided by the Policy Information Point to the policy Decision Point which then passes the decision to the Policy Enforcement Point where the access is permitted or denied.

Obviously in some systems, all of the entities:

May reside within the same application of the same host.

A Policy Based Management System is one where the system’s operation is determined by a set of Policies evaluated when triggered by an event.

More Information#

There might be more information for this subject on one of the following: