# Policy Automation Policy Automation is a [[Foundational Capabilities|Governance]] capability that [[Cybersecurity]] capabilities directly depend on to ensure adversary resilience policies are implemented in technology and maintained as part of the organization's resilience program. As organizations evolve and adopt digitally enabled capabilities, complexity increases and policies must evolve and mature from ad hoc to documented then to technology implemented and ultimately as part of the fabric of the organization. This means that the entirety of organizational capabilities need policy automation capabilities similar to what is leveraged in public cloud environments to enable technology efficiencies. ## Map ``` mermaid <!-- element style="width:90%; height:auto" --> graph TD subgraph two[Foundational] subgraph subPadding1[ ] direction LR F[Application Management] G[Asset Management] H[Backup and Recovery] I[Code Management] J[Data Management] K[Device Management] L[Domain Management] M[Email Management] N[Identity and Access Management] O[Log Management] P[Network Management] Q[Policy Automation] R[Stream Processing] S[Third Party Management] T[Training] F ~~~ G G ~~~ H H ~~~ I I ~~~ J K ~~~ L L ~~~ M M ~~~ N N ~~~ O P ~~~ Q Q ~~~ R R ~~~ S S ~~~ T end end %% Class Definitions %% ===================== class two subPadding; classDef subPadding fill:none,font-size:20px; class subPadding1,subPadding2 subgraph_padding; classDef subgraph_padding stroke:none,fill:none,margin:0; class F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T internal-link,font-color:white; class Top cssClassL0; classDef cssClassL0 fill:black,stroke:#333,stroke-width:4px,font-size:15px,font-color:white; class A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T cssClassL1; classDef cssClassL1 fill:gray,stroke:#333,stroke-width:0px,font-size:15px,font-color:white; class Q cssClassCurrent; classDef cssClassCurrent fill:#2f9503,stroke:#2f9503,stroke-width:4px,font-size:15px,font-color:white; ``` ## Maturity Model | | Stage 1 | Stage 2 | Stage 3 | Stage 4 | Stage 5 | | ------------- | ----------------- | ---------------------------------------------------- | ------- | ------- | ------- | | **Category** | Automation Fabric | Policy Enforcement Point<br><br>Standards Management | | | | | **Dependent** | | | | | | ## Requirements | Category | Guidance | Dependent Capability | Adversary Persona | | ------------------------ | -------- | -------------------- | ----------------- | | Automation Fabric | | | | | Policy Enforcement Point | | | | | Standards Management | | | | ## Metrics >[!cm-metric] Metric: ## Inspiration & Resources + [[CISA Zero Trust Maturity Model]] ## Release Notes + [[WIP - Q3 2024 Release#Document Foundational Capabilities and Develop Templates for sub-pages]] ## [Cyber City Map](https://cybercitymap.com/) © 2023-2024 by [ThirdScore, Inc.](https://thirdscore.com/) All Rights Reserved.