This policy setting determines which users can change the auditing options for files and directories and clear the Security log.
Solution
To establish the recommended configuration via GP, set 'Administrators and (when Exchange is running in the environment) Exchange Servers' for the following UI path: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Manage auditing and security log