Update policy.yml

The merge request updates the DevSecOps Level 3 Security Policy by adding new variables to the Secret Detection, SAST, SAST_IAC, and Dependency Scanning actions. These variables exclude specific paths, such as the readme.md file, from being scanned. Additionally, the approval policy has been removed.