Add conceptual content about policies (#27712)

content/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise.md

@@ -19,7 +19,9 @@ topics:
 
 {% ifversion ghec %}
 
-Enterprise owners on {% data variables.product.product_name %} can control the requirements for authentication and access to the enterprise's resources. You can choose to allow members create and manage user accounts, or your enterprise can create and manage accounts for members. If you allow members to manage their own accounts, you can also configure SAML authentication to both increase security and centralize identity and access for the web applications that your team uses. If you choose to manage your members' user accounts, you must configure SAML authentication.
+Enterprise owners on {% data variables.product.product_name %} can control the requirements for authentication and access to the enterprise's resources. 
+
+You can choose to allow members to create and manage user accounts, or your enterprise can create and manage accounts for members with {% data variables.product.prodname_emus %}. If you allow members to manage their own accounts, you can also configure SAML authentication to both increase security and centralize identity and access for the web applications that your team uses. If you choose to manage your members' user accounts, you must configure SAML authentication.
 
 ## Authentication methods for {% data variables.product.product_name %}
 

content/admin/index.md

@@ -71,13 +71,13 @@ changelog:
 featuredLinks:
   guides:
     - '{% ifversion ghae %}/admin/user-management/auditing-users-across-your-enterprise{% endif %}'
+    - /admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise
+    - /admin/policies/enforcing-policies-for-your-enterprise/about-enterprise-policies
     - '{% ifversion ghae %}/admin/configuration/restricting-network-traffic-to-your-enterprise{% endif %}'
     - '{% ifversion ghes %}/admin/configuration/configuring-backups-on-your-appliance{% endif %}'
     - '{% ifversion ghes %}/admin/enterprise-management/creating-a-high-availability-replica{% endif %}'
     - '{% ifversion ghes %}/admin/overview/about-upgrades-to-new-releases{% endif %}'
     - '{% ifversion ghec %}/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise{% endif %}'
-    - '{% ifversion ghec %}/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/about-enterprise-managed-users{% endif %}'
-    - '{% ifversion ghec %}/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-identity-and-access-management-for-your-enterprise{% endif %}'
     - '{% ifversion ghec %}/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise{% endif %}'
     - /admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise
   guideCards:

content/admin/overview/about-enterprise-accounts.md

@@ -32,17 +32,17 @@ The enterprise account on {% ifversion ghes %}{% data variables.product.product_
 
 {% endif %}
 
-Organizations are shared accounts where enterprise members can collaborate across many projects at once. Organization owners can manage access to the organization's data and projects with sophisticated security and administrative features. For more information, see {% ifversion ghec %}"[About organizations](/organizations/collaborating-with-groups-in-organizations/about-organizations)."{% elsif ghes or ghae %}"[About organizations](/organizations/collaborating-with-groups-in-organizations/about-organizations)" and "[Managing users, organizations, and repositories](/admin/user-management)."{% endif %}
+Organizations are shared accounts where enterprise members can collaborate across many projects at once. Organization owners can manage access to the organization's data and projects with sophisticated security and administrative features. For more information, see "[About organizations](/organizations/collaborating-with-groups-in-organizations/about-organizations)."
 
-{% ifversion ghec %}
-
-Enterprise owners can create organizations and link the organizations to the enterprise. Alternatively, you can invite an existing organization to join your enterprise account. After you add organizations to your enterprise account, you can manage and enforce policies for the organizations. Specific enforcement options vary by setting; generally, you can choose to enforce a single policy for every organization in your enterprise account or allow owners to set policy on the organization level. For more information, see "[Setting policies for your enterprise](/admin/policies)."
+{% ifversion ghec %} 
+Enterprise owners can invite existing organizations to join your enterprise account, or create new organizations in the enterprise settings.
+{% endif %}
 
-{% data reusables.enterprise.create-an-enterprise-account %} For more information, see "[Creating an enterprise account](/admin/overview/creating-an-enterprise-account)."
+Your enterprise account allows you to manage and enforce policies for all the organizations owned by the enterprise. {% data reusables.enterprise.about-policies %} For more information, see "[About enterprise policies](/admin/policies/enforcing-policies-for-your-enterprise/about-enterprise-policies)."
 
-{% elsif ghes or ghae %}
+{% ifversion ghec %}
 
-For more information about the management of policies for your enterprise account, see "[Setting policies for your enterprise](/admin/policies)."
+{% data reusables.enterprise.create-an-enterprise-account %} For more information, see "[Creating an enterprise account](/admin/overview/creating-an-enterprise-account)."
 
 {% endif %}
 

content/admin/policies/enforcing-policies-for-your-enterprise/about-enterprise-policies.md

@@ -0,0 +1,30 @@
+---
+title: About enterprise policies
+intro: 'With enterprise policies, you can manage the policies for all the organizations owned by your enterprise.'
+versions:
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+type: overview
+topics:
+  - Enterprise
+  - Policies
+---
+
+To help you enforce business rules and regulatory compliance, policies provide a single point of management for all the organizations owned by an enterprise account. 
+
+{% data reusables.enterprise.about-policies %}
+
+For example, with the "Base permissions" policy, you can allow organization owners to configure the "Base permissions" policy for their organization, or you can enforce a specific base permissions level, such as "Read", for all organizations within the enterprise.
+
+By default, no enterprise policies are enforced. To identify policies that should be enforced to meet the unique requirements of your business, we recommend reviewing all the available policies in your enterprise account, starting with repository management policies. For more information, see "[Enforcing repository management polices in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise)."
+
+While you're configuring enterprise policies, to help you understand the impact of changing each policy, you can view the current configurations for the organizations owned by your enterprise.
+
+{% ifversion ghes %}
+Another way to enforce standards within your enterprise is to use pre-receive hooks, which are scripts that run on {% data variables.product.product_location %} to implement quality checks. For more information, see "[Enforcing policy with pre-receive hooks](/admin/policies/enforcing-policy-with-pre-receive-hooks)."
+{% endif %}
+
+## Further reading
+
+- "[About enterprise accounts](/admin/overview/about-enterprise-accounts)"

content/admin/policies/enforcing-policies-for-your-enterprise/index.md

@@ -13,6 +13,7 @@ topics:
   - Enterprise
   - Policies
 children:
+  - /about-enterprise-policies
   - /enforcing-repository-management-policies-in-your-enterprise
   - /enforcing-team-policies-in-your-enterprise
   - /enforcing-project-board-policies-in-your-enterprise

data/learning-tracks/admin.yml

@@ -135,5 +135,4 @@ get_started_with_your_enterprise_account:
     - /admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise
     - /admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise
     - /admin/authentication/managing-identity-and-access-for-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise
-    - /admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise
-    - /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise
+    - /admin/policies/enforcing-policies-for-your-enterprise/about-enterprise-policies

data/reusables/enterprise/about-policies.md

@@ -0,0 +1 @@
+Each enterprise policy controls the options available for a policy at the organization level. You can choose to not enforce a policy, which allows organization owners to configure the policy for the organization, or you can choose from a set of options to enforce for all organizations owned by your enterprise.