Policies—created through the Policy wizard—let you set the level of protection and security, content access, and logging that are applied to each of your identities.
Policies apply to identities on a first match basis and are not additive. The matching policy closest to the top of the policy list applies. You can drag and drop policies to reorder them at any time. For more information, see Best Practices for Policy Creation.
When you first access policies, there's always at least one policy—the Default policy. This policy applies to all identities and cannot be deleted. The Default policy is applied to an identity when no other policy covers that identity. Thus, the Default policy is a catch-all to ensure all identities within your organization receive a baseline level of protection.