Audit logs currently do not include config policy events. Knowing when, and who changed a policy would be helpful in security reviews