Auditing of Detailed Tracking: Process Creation events on failure should be enabled or disabled as appropriate. Audit Process Creation, which determines whether the operating system generates audit events when a process is created (starts). These audit events can help you track user activity and understand how a computer is being used. Information includes the name of the program or the user that created the process. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\Audit Policies\Detailed Tracking!Audit Policy: Detailed Tracking: Process Creation (2) REG: NO INFO