Audit policy change This security setting determines whether the OS audits each instance of attempts to change user rights ...

Audit policy change

This security setting determines whether the OS audits each instance of attempts to change user rights assignment policy, audit policy, account policy, or trust policy. 

The administrator can specify whether to audit only successes, only failures, both successes and failures, or to not audit these events at all (i.e. neither successes nor failures). 

If Success auditing is enabled, an audit entry is generated when an attempted change to user rights assignment policy, audit policy, or trust policy is successful. 

If Failure auditing is enabled, an audit entry is generated when an attempted change to user rights assignment policy, audit policy, or trust policy is attempted by an account that is not authorized to make the requested policy change.

 Default:

  Audit Policy Change: Success
  Authentication Policy Change: Success
  Authorization Policy Change: No Auditing
  MPSSVC Rule-Level Policy Change: No Auditing
  Filtering Platform Policy Change: No Auditing
  Other Policy Change Events: No Auditing

Important: For more control over auditing policies, use the settings in the Advanced Audit Policy Configuration node. For more information about Advanced Audit Policy Configuration, see http://go.microsoft.com/fwlink/?LinkId=140969.

Audit directory service access This security setting determines whether the OS audits user attempts to access Active Directory ... Audit file system global object access This policy setting allows you to apply a comprehensive object access audit policy ... Audit logon events This security setting determines whether the OS audits each instance of a user attempting to log on to ... Audit object access This security setting determines whether the OS audits user attempts to access non-Active Directory objects. ... Audit policy change This security setting determines whether the OS audits each instance of attempts to change user rights ... Audit Policy Change: New Policy: Success Failure %3 %4 Logon/Logoff %5 %6 Object Access %7 %8 Privilege Use %13 %14 Account ... Audit privilege use This security setting determines whether to audit each instance of a user exercising a user right. If ... Audit process tracking This security setting determines whether the OS audits process-related events such as process creation, ... Audit registry global object access This policy setting allows you to apply a global object access audit policy to the registry ...