# Certifications Exemptions and Diffs

## Required permissions

To manage and apply existing policies to data sources, a user must have either the CREATE\_DATA\_SOURCE Immuta permission or be manually assigned the owner role on a data source.

## Certify global policies

After a policy with a certification requirement is applied to a data source, data owners will receive a notification indicating that they need to certify the policy.

1. Navigate to the **Policies** tab of the affected data source, and review the policy in the **Data Policies** section.
2. Click **Certify Policy**.
3. In the **Policy Certification** modal, click **Sign and Certify**.

## Add policy exemptions

Once this setting is enabled on the [app settings page](https://documentation.immuta.com/2024.2/application-settings/how-to-guides/config-builder-guide#allow-policy-exemptions), data owners can exempt users from policies on a per-data-source basis to allow those users to see all the data, regardless of the global or local policies applied. *Note: By default, policy exemptions are disabled in Immuta.*

1. Select a data source and click the **Policies** tab.
2. In the **Data Policies** menu, click **Add Exemptions**. This button will only be visible if policy exemptions have been enabled.
3. Enter the names of the **users** or **groups** to exempt from your policies.
4. Click **Create** to finish your exemption policy.
5. Click **Save All** to apply the policy to your data source.

## View policy diffs

Once you have a data policy in effect, you can view the changes in your policies by clicking the **Policy Diff** button in the data policies section on a data source's policies tab.

The **Policy Diff** button displays previous policies and the current policy applied to the data source.