Policies can occur along a number of "Authorization" lines to allow, or deny, the user access to potentially dangerous (or questionable) applications:

Adware and Potentially Unwanted Applications (PUAs) -- Certain applications can be incorrectly identified as adware or PUAs. This policy allows an administrator to "set" the application to be available to run or not run on a computer.
Buffer Overflow -- Again, the administrator can set or deny access to specific applications that seem to be misbehaving by overflow their memory buffers. Sometimes this is a method used by hackers to gain access to your computer, but sometimes, buffer overflows can occur from a poorly written application that doesn't manage memory in an effective fashion.
Suspicious Files -- Some applications raise red flags by how they are named. For example, infection.exe might be something you may or may not want to run on your computer. Well, anti-virus programs don't know what to do with them, so they get flagged for review by support personnel.
Suspicious Behavior -- Sometimes, infected files are good files that have been rewritten to misbehave on a computer. If a file begins to act in a suspicious fashion on a system, it can be allowed or denied on your system by support personnel.
Website Blocking -- Certain websites might be blocked by the anti-virus system, or they can be "opened" by a systems administrator to allow access to them.

Browser not supported