Policies or profiles, well both actually.
I do have a standard that most of our commercial clients get, then there is another standard our Gov clients and that is broken down to basically 3 standards dept-A, dept-B, and other. But even then there are individual departments with widely varying approaches to who gets what access. I wish I could just say "everyone get this". In the end I can make a number of groups but nothing close to a global standard.
I already use scrips like you show, but that means many scripts.
What I was hoping for was a script that would query the web profile names and stor them as a list of variables. Then use those variables in the "edit "variable-x" command, thus applying all the changes to all the profiles known or unknown.
But it doesn't look like this is possible.