The required auditing for the registry key HKEY_LOCAL_MACHINE\SYSTEM should be enabled. (1) set of accounts (2) events to audit (3) applicability (1) defined by the object's SACL CCE-727 4.4.3.3 HKEY_LOCAL_MACHINE\System oval:org.secpod.oval:def:15072 BITS Shared Assessments SIG v6.0 Jericho Forum HIPAA/HITECH Act FedRAMP Security Controls(Final Release Jan 2012)--LOW IMPACT LEVEL-- ISO/IEC 27001-2005 COBIT 4.1 GAPP (Aug 2009) NERC CIP NIST SP800-53 R3 AU-2 PCIDSS v2.0 FedRAMP Security Controls(Final Release Jan 2012)--MODERATE IMPACT LEVEL-- BITS Shared Assessments AUP v5.0 CCE Version 4.2 2008-02-15 Windows XP Professional Operating System Legacy, Enterprise, and Specialized Security Benchmark Consensus Baseline Security Settings The Center for Internet Security 2004-10-20 Version 1.3 Jeff Shawgo Sidney Faber Prose(pdf) SCAP Repo OVAL Definition 2013-09-05 BITS Shared Assessments SIG v6.0 2012-10-12 Jericho Forum 2012-10-12 HIPAA/HITECH Act 2012-10-12 ISO/IEC 27001-2005 2012-10-12 COBIT 4.1 2012-10-12 GAPP (Aug 2009) 2012-10-12 NERC CIP 2012-10-12 NIST SP800-53 R3 2012-10-12 PCIDSS v2.0 2012-10-12 BITS Shared Assessments AUP v5.0 2012-10-12