Hi,
As creating and updating Azure policies is administrative log event like any other resource setup diagnostic settings at management group scope for each management group. When you send the logs to Log Analytics you can create Log alert for those events. This is due to activity log alerts can only be created at subscription scope so you cannot create activity log alert to apply to management group activity log events.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.