If a password policy is applied after a user has actually met the criteria for a the account to be disabled, will it be applied?
An existing user UserA's last login date is 2018-05-01.
A password policy is created on 2018-05-10 to disable user accounts which have not logged in for 7 days.
Will the policy be applied and UserA's account be disabled when if they try to log in on 2018-05-11?
Yes. The policy will be applied.
The policy is applied when a user next logs in so in the case above, when they user logs in on 2018-05-11, the system will look at the policies in effect for the user, determine that the user has not logged in for > 7 days and will lock/disable the account.
The important thing to understand is that the policy evaluation is done when a user tries to log in. There is no continual monitoring of a user.