The scanning policies denote whether a scan is automated or not and can be listed by clicking Admin->Scan Policies sub menu as shown in Figure 1.
Figure 1 - The list of scan policies
The policy names that have a commercial policy value next to it are automatic scans and these policies are labelled as Auto when creating a new scan in Figure 2. Therefore, a scan request creator can select an automatic scan by selecting an auto scan policy.
Figure 2 - Creating a new scan request
Scan policy profiles also exist for grouping certain scan policies together and assigning them to companies. Scan policies can be grouped into scan profiles by using Admin->Scan Policy Profiles sub menu. New Policy Profile button is used to create a new scan policy profile shown in Figure 3.
Figure 3 - Creating a new scan policy profile
There are two types of scan policy profiles. One of them is "Scanners" and other one is "Policies". A scan policy profile containing all the scan policies of a vulnerability scanner can be created when "Scanners" is selected as the profile type. Whereas, a scan policy profile containing a potpourri of various scan policies can be created when "Policies" is selected as the profile type.
After creating scan policy profile, it may be assigned to any company from the Company Settings page. By default all scan policies are assigned and can be used for all companies created.