Auditing of Global Object Access Auditing: File System events on success should be enabled or disabled as appropriate. File System (Global Object Access Auditing), which enables you to configure a global system access control list (SACL) on the file system for an entire computer. If you select the Configure security check box on the policy's property page, you can add a user or group to the global SACL. This enables you to define computer system access control lists (SACLs) per object type for the file system. The specified SACL is then automatically applied to every file system object type. If both a file or folder SACL and a global SACL are configured on a computer, the effective SACL is derived by combining the file or folder SACL and the global SACL. This means that an audit event is generated if an activity matches either the file or folder SACL or the global SACL. This policy setting must be used in combination with the File System security policy setting under Object Access. Fix: (1) GPO: Commandline: auditpol.exe (2) REG: NO INFO