Information
Administrator audit logging is used to provide a log of the settings that are changed by administrators anywhere in the system. By default this setting is turned on to ensure discovery of configuration related security breaches.
Rationale:
Administrators may be able to reconfigure the system to expose a vulnerability with no record of the changes made.
Solution
To implement the recommended state, execute the following PowerShell cmdlet:
Set-AdminAuditLogConfig -AdminAuditLogEnabled $True