diff --git a/built-in-policies/policyDefinitions/Event Grid/Namespaces_PublicNetworkAccess_AuditDeny.json b/built-in-policies/policyDefinitions/Event Grid/Namespaces_PublicNetworkAccess_AuditDeny.json
new file mode 100644
index 000000000..7a0380afd
--- /dev/null
+++ b/built-in-policies/policyDefinitions/Event Grid/Namespaces_PublicNetworkAccess_AuditDeny.json
@@ -0,0 +1,47 @@
+{
+ "properties": {
+ "displayName": "Azure Event Grid namespaces should disable public network access",
+ "description": "Disabling public network access improves security by ensuring that the resource isn't exposed on the public internet. You can limit exposure of your resources by creating private endpoints instead. Learn more at: https://aka.ms/aeg-ns-privateendpoints.",
+ "metadata": {
+ "version": "1.0.0",
+ "category": "Event Grid"
+ },
+ "version": "1.0.0",
+ "policyType": "BuiltIn",
+ "mode": "Indexed",
+ "parameters": {
+ "effect": {
+ "type": "String",
+ "metadata": {
+ "displayName": "Effect",
+ "description": "Enable or disable the execution of the policy"
+ },
+ "allowedValues": [
+ "Audit",
+ "Deny",
+ "Disabled"
+ ],
+ "defaultValue": "Audit"
+ }
+ },
+ "policyRule": {
+ "if": {
+ "allOf": [
+ {
+ "field": "type",
+ "equals": "Microsoft.EventGrid/namespaces"
+ },
+ {
+ "field": "Microsoft.EventGrid/namespaces/publicNetworkAccess",
+ "notEquals": "Disabled"
+ }
+ ]
+ },
+ "then": {
+ "effect": "[parameters('effect')]"
+ }
+ }
+ },
+ "id": "/providers/Microsoft.Authorization/policyDefinitions/161acee8-4a5a-431e-9c54-f9d68a2d55cf",
+ "name": "161acee8-4a5a-431e-9c54-f9d68a2d55cf"
+}
\ No newline at end of file
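Review bot: The `effect` parameter's description, "Enable or disable the execution of the policy", does not tell an assigner that the default `Audit` only reports non-compliant namespaces and that public access is refused at deployment only when the assignment sets `Deny`. I would reword it to `"description": "Audit reports namespaces that allow public network access, Deny blocks creating or updating them, Disabled turns the policy off"`. The `notEquals` test on `Microsoft.EventGrid/namespaces/publicNetworkAccess` should, as far as Azure Policy's handling of negated conditions on a missing field goes, also match a namespace whose request omits the property; that is the safe direction, but under `Deny` it rejects templates that leave the property out, so the top-level `description` could state that the property has to be set to `Disabled` explicitly. The file also ends without a trailing newline.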