The way a "use" policy is determined is referred to as the "security policy use model." When the use model is set to Template, the template developer specifies the "use" policy. When the use model is set to
User, the person creating the project request from the template selects a security policy from the list that is visible.