A mechanism is provided in a data processing system for centralized policy management of multiple security domains in accordance with an illustrative embodiment. A policy enforcement point component in the data processing system receives an access request. The policy enforcement point component is managed by a plurality of security domains. The policy enforcement point component queries a policy broker component in the data processing system. The policy broker component determines an access decision that complies with policies of the plurality of security domains. It does so by orchestrating a workflow that involves the policy decision, administration, and information components of those domains. The policy broker component returns the access decision to the policy enforcement point component.