Yes, you can create and edit custom compliance policy to suit your business needs. You also have four recommended Compliance Policies if you wish to pick one of these instead of creating a custom one.
Creating a custom compliance policy
If you wish to base your custom policy on top of one of the recommended ones, you can [View Policy] by clicking on the three dots and then clicking on the [Create Copy] button.
If you would like to create a custom compliance policy to fit your needs, navigate to [Compliance Policies] and then [Add Policy]:
Here you will then be presented with Sharing (Internal & External) criteria as well as certain Site Configuration settings. Naturally, you have full control here and you have 'i' informational icons that give you more information on each of the criteria next to the option.
You also have the option to set this one as your Default policy.
The 2nd step involves entering Trusted Sharing domains, Audit settings and configuring email notifications. The Full Audit option here will trigger a scan of the sites with this policy, every X months and will also include any previously 'Approved' violations for them to get Fixed/Approved again.
Editing a custom compliance policy
You can easily edit a custom policy by visiting the [Compliance Policies] screen click the three dots next to the custom policy and then [Edit Policy].