Which type of authorization focuses on compliance with established security policies?

The type of authorization that focuses on compliance with established security policies is Policy-Based Authorization. This approach involves setting and enforcing rules and standards that user access must adhere to, ensuring that all operations comply with the organization's security policies. The essence of Policy-Based Authorization is to establish predefined criteria that dictate how access controls are implemented and how resources are accessed, which ultimately supports compliance with legal, regulatory, and internal security requirements.

In contrast, Entity-Based Authorization centers around specific entities such as users or resources, evaluating their attributes or characteristics rather than a broader policy adherence framework. Risk-Based Authorization assesses the level of risk involved in granting access, taking into account various factors that might increase security vulnerabilities rather than focusing strictly on compliance with established policies. Access Control Authorization typically refers to the overall mechanisms that enforce access rights based on roles, but again, it doesn't specifically target compliance with security policies in the way that Policy-Based Authorization does.