Policy Change
Applies To: Windows 7, Windows Server 2008 R2
Policy Change audit events allow you to track changes to important security policies on a local system or network. Because policies are typically established by administrators to help secure network resources, any changes or attempts to change these policies can be an important aspect of security management for a network. This category includes the following subcategories:
For more information about audit events that are generated by Policy Change audit settings in Windows Server 2008 R2 and Windows 7, see Security Audit Events for Windows 7 and Windows Server 2008 R2 (https://go.microsoft.com/fwlink/?LinkId=157780).