Viewing, Adding, and Deleting Policies

Code Insight 6.14.2

Policies are used by Code Insight to automate the review of inventory items (in a QuickReview™ scenario) or requests to use OSS components (in a full review scenario). Policies can be defined up-front and re- evaluated each time a new project is created. Policies can also be built off of requests that are being reviewed by someone with the policy administrator permission. Creating a policy during the time of request review will result in a very specific policy at the current project scope and will automate the action taken by the reviewer at the time of the policy creation. The purpose of policies is two-fold:

•

Policy notifications (flags in the web UI and Detector auditing client) inform the user whether the component and/or license has an associated policy. This information may be used to increase the priority of reviewing particular items in cases where the associated components and/or licenses have an auto-reject policy.

•

Policies are also used to automate manual reviews in cases where a particular component or licenses has previously been reviewed and future manual reviews are no longer necessary.

Anyone with policy administrator permissions can create, add, delete, and edit policies. The system administrator allows any user to have these permissions by checking Policy Administrator in the role box when setting up or editing a new user.