Information
It is generally not considered best practice to implement 'Any Any Any' permit policies, regardless of the direction of traffic, as this provides overly permissive avenues for traffic to pass. It is generally considered best practice to only allow traffic between authorized sources and destinations over permitted services while blocking all other activity by default. You will need to manually review the currently defined zone-to-zone security policies and the order they are implemented as traffic will follow the first matching policy, so order of security policy is extremely important.
With logging in place, another consideration is to add an 'Any Any Any' deny policy at the bottom of your zone-to-zone security policy list to explicitly log all denied traffic. If you are following the best practice of only allowing the necessary services the deny logs would be another useful source of information to help determine if compromised systems or unauthorized activity is taking place in your organization.
Solution
You may navigate to the following ScreenOS menu location: Policy > Policies. Once there you can select the appropriate zones to further edit security policy settings.