OpenShift must generate audit records when successful/unsuccessful attempts to delete privileges occur.

An XCCDF Rule