Meet the new Policy Management page
Cloud Monitor's redesigned Policy Management experience makes it easier than ever to set up and fine-tune how content and activity across your environment are monitored and acted upon. From a single, modern screen you can decide what to watch for, who it applies to, what should happen when something is found, and who gets notified — all with clearer inputs, smarter validation, and more reliable saving.
How to get there
Policies are managed per view. To open Policy Management, go to Audit & Control and select the view you want to work with. The Policy Management screen always shows the name of the policy set you're currently editing, so you can confirm at a glance that you're in the right place.
The policy set: name, description, and admin notifications
Each policy set has a name and a Description field so you can record what the set is for. A Notify admin on policy violation toggle lets you send an email whenever any policy in the set is triggered. When the toggle is on, you can enter the Email address to notify and a Subject line for the message.
Every policy set also has a status of Enabled, Disabled, or Deleted, so you always know whether it's actively monitoring.
The three policy types
Policies are organized into three tabs at the top of the page. Switch between them depending on what you want to monitor:
Content Policies — monitor files and messages, such as Drive files, shared drive files, and email, for sensitive or risky content.
Login Policies — monitor sign-in activity. Only one login policy of each type can be created, so your login coverage stays clear and conflict-free.
App Policies — monitor and act on third-party apps connected to your environment.
Each tab includes an + Add Policy button to create a new policy of that type.
How a policy is laid out
Every policy appears as a card. Reading from top to bottom, each card includes:
Source — what the policy watches, such as Drive File, Email, or Shared Drives File.
Threat / Condition — what to look for, such as Malicious content or another matching condition.
Remediation — the automatic action to take, set per surface (Drive, Shared Drives, Email), each as its own dropdown that defaults to None.
On Violation — additional follow-up, such as Notify Admin.
An Enabled toggle, plus Copy, Edit, and Delete icons.
Creating a policy
Click + Add Policy on the tab that matches what you want to monitor, then work through the policy from top to bottom.
1. Choose a source
Pick the surface the policy should watch, such as a Drive File, Email, or Shared Drives File. When only one source applies, it's selected automatically to save you a step.
2. Set the conditions
Choose the threat or condition that defines a match. To keep things simple, the editor only shows conditions that actually apply to the source you chose — so you won't see options that wouldn't work. Google native file types like Docs, Sheets, and Slides appear in the file type options when building Google policies, and user-group options are available for Microsoft Drive and Email. Policies that target an organizational unit correctly apply to users in its sub-units as well.
Note: When you build an exclusion that matches on email or file content, the editor prevents you from combining it with other conditions and guides you so the exclusion behaves the way you intend.
3. Choose remediation actions
In the Remediation section, set what should happen automatically when the policy is triggered. Each surface — Drive, Shared Drives, and Email — has its own dropdown that defaults to None, so nothing happens automatically until you choose an action. Available actions include things like revoking file shares or removing an app's access; only the actions that apply to your selected source are shown.
4. Set on-violation notifications
Use the On Violation section to add follow-up such as Notify Admin. Combined with the policy set's admin-notification settings, this keeps the right people informed when something needs attention — without sending duplicate notifications.
5. Save
New policies default to Enabled, and your new draft appears right away. If anything needs your attention, validation errors are shown next to whichever Save button you use, so you never have to hunt for the problem.
Duplicate a policy with Copy
Need a policy that's similar to one you already have? Click the Copy icon on any policy card. Cloud Monitor opens a pre-filled editor with all the settings already in place, so you can make a few adjustments and save instead of starting from scratch.
Smarter validation
The policy editor now helps you enter accurate values and catch mistakes early:
You can enter and validate both IPv4 and IPv6 addresses.
Improved domain validation helps ensure the domains you enter are valid.
Input length limits are enforced so overly long values won't cause save errors, and long condition values are handled cleanly.
Multi-value fields are easier to edit, and validation messages are clearer throughout.
Warnings for deleted or disabled conditions
If one of a policy's conditions points to an organizational unit, group, or risk that has since been deleted or disabled, the policy warns you. This makes it easy to spot policies that would no longer work as expected so you can update them. Long warning messages include a view-full option so you can read the complete details.
[SCREENSHOT: A policy card displaying a warning that a condition points to a deleted or disabled org unit, group, or risk]
Reviewing policy violations
When a policy is triggered, the violation appears on the policy violations page along with details about what was matched and what action was taken.
Deleted items are clearly marked. Files or emails that have since been deleted are labeled Deleted and no longer link to empty pages.
Filter by deleted users and entities. You can choose to hide or show violations tied to deleted users and entities to focus on what's still relevant.
Export to CSV. Export your violations for reporting or record-keeping. The export includes whether items are tied to deleted users and entities, so your records stay complete.
Note: Violation details load reliably even on accounts with a very large number of violations.
Enabling and disabling policies
Each policy card has an Enabled toggle so you can turn monitoring on or off without deleting your work. Disable a policy when you want to pause it temporarily, and re-enable it whenever you're ready. New policies start out enabled by default. Policies are created, deleted, enabled, and updated reliably, so the status you see is always accurate.