The audit system must be configured to audit account modification.

An XCCDF Rule