Security auditing enhancements in Windows Server and Windows client system can help your organization audit compliance with important business-related and security-related rules by tracking precisely defined activities, such as:

  • A group administrator has modified settings or data on servers that contain finance information.
  • An employee within a defined group has accessed an important file.
  • The correct system access control list (SACL) is applied to every file and folder or registry key on a computer or file share as a verifiable safeguard against undetected access.

Location:  group policy editor: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Audit Policy

Step by step to configure: