When more than one policy is associated with an organizational object, the definitions in all the associated policies may be merged so as to produce the definition that will be enforced on the endpoint. A typical example of using this capability is defining a general policy for a specific department and another policy for a specific user in that department who requires additional permissions.

Policy merging works as follows:

• Security Policy Options — the most permissive definition of all merged policies is applied for the options in the policy panels grouped under the Security category in the navigation pane.
• Settings Policy Options — the options in the policy panels grouped under the Settings category in the navigation pane will be taken from the policy whose name is first alphabetically. Therefore, if policy merging is enabled, Symantec recommends using global policies to define the settings.

For more details on policy merging see the Symantec Endpoint Encryption Device Control Administration Guide.