There are business requirements when while a certain policy may have a response rule (for example block), it may be required that for certain users there is an exception. For such users while the incident logging is required, the response rule may not be required. Such exceptions might be needed permanently due to business requirements or temporary for a adhoc exceptions.
As of now a separate duplicate policy is required which applies only to the user. The user also needs to be excluded from the original policy with response rule. This is cumbersome and also increases the policy count.