A previous post introduced you to Microsoft Identity Lifecycle Manager "2"'s concept of policy.  We provide a user interface for managing and creating policies.  Here are some screenshots stepping through the process of creating a policy to allow users to read any information about themselves (which may or may not be a policy that you would want to create). 

This shows the list of all policies:

The first page of the policy wizard is shown here.  On this page, one gives one's policy a name, and indicates whether or not this will be a policy that grants permissions:  

 

 

On this page, I have indicated that I want to create a policy that applies to all full-time employees.  That is, to everyone in the set of full-time employees.  I have also said that my policy defines what those folk can read. 

 

On this page, I express the idea that my policy allows full-time employees to read information about themselves, and I choose to say that I am allowing them to read any information about themselves, and not just the information contained in specific attributes:

This next page would allow me to trigger the execution of Windows Workflow Foundation workflows in response to requests covered by my policy:

 

The last page of the wizard summarizes the new policy that I am about to submit: