A Security Policy object contains an extensive profile of security permissions that apply primarily to the security settings of a domain, computer, or computer desktop (rather than to users). A single Security Policy object can be applied to all of the computers in an organizational unit. Security Policy is applied when an individual computer starts up, and is periodically refreshed if changes are made without restarting.