About audit event triggers

The following are the actions that trigger an audit event:

Table: Trigger Actions

Event type


Triggering Action

Asset Change

C1 Core

An attribute of an asset is changed.

Job Execution

C1 Core

At the successful completion of every job that the application server launches.

Job Creation/Deletion

C1 Core

Log the creation or deletion of a job

Role Member Change

C1 Core

A person or group is added to and or removed from a role.

Role Create/Delete

C1 Core

A role is created or deleted.

Role Power Change

C1 Core

A power is added to or removed from a role.

Policy Change


Any component of a Policy is modified.

Standard Change


Any component of a Standard is modified. Each modification creates a separate log entry of this type.

Policy Module Control Statement Create/Change/Delete


A control statement is created, changed, or deleted.

Policy Module Control Statement Assignment/De-Assignment


A control point is linked to or delinked from a policy.

Control Point Configuration Change


The configuration for a control point is changed. The configuration may include a change in published status, data owner, management classification, department, or review cycle.

Control Point Approval or Rejection/Request for Change


A control point entitlement approval or request for change occurred.

Control Point Approval Violation


A control point review cycle ended without the required approval event.

More Information

About auditing