This article discusses the governance policies you and your organization can put in place to safeguard vault actions.
You can't transfer assets without having the appropriate governance policies in place. These policies stop unapproved users from transferring tokens, limit the amount of tokens transferred, and so on.
The transaction policy safeguards your organization and mitigates potential risks. It is made up of a number of rules that govern how transactions are approved. A transaction needs to fit the rules in order to be signed and broadcast to the blockchain. Each type of transaction has its own rule. See Edit the transaction policy for details.
The admin quorum is a group of users, consisting of at least one admin, who must approve certain vault actions. You can configure the number of admins in the quorum and who they are. See Set the admin quorum for details.
You might have lingering token approvals that give external addresses ongoing access to funds. These exposures, especially when granted with unlimited allowances, are a common attack path and are difficult to track at scale. The Risks page enables you to revoke unnecessary or high-risk token approvals. See Introduction to the risks page for more details.