What is AuditPol on Windows 10/8/7 and how to activate it
Windows 10/8/7, Windows Vista, Windows Server 2008, Windows Server 2008, Windows Server 2008 R2 contains a command line tool called Audit Policy Program, AuditPol.exe, which is located in the System32 folder and allows you to more accurately manage and verify policy subcategory settings.
The definition of audit policies at category level overrides the new functionality of the Audit Policy subcategory. A new registry value introduced in Windows Vista, SCENoApplyLegacyAuditPolicy, allows you to manage audit policies using subcategories without changing group policy. This registry value can be set to prevent the application of audit policies at category level from the group policy and the local security policy management tool.