ERROR_ACCESS_AUDIT_BY_POLICY - 785 (0x311)
Access to %1 is monitored by policy rule %2.
Updated: Feb 21, 2026
Technical Meaning
The ERROR_ACCESS_AUDIT_BY_POLICY error code indicates that an access attempt to a file or directory has been monitored by a security policy rule. This means the system is configured to track and log such accesses, but does not necessarily prevent them.
Error Details
- Error Name: ERROR_ACCESS_AUDIT_BY_POLICY
- Numeric Code: 785 (0x311)
- Short Description: Access to a file or directory is monitored by policy rule.
Usage Context
This error typically occurs when an application attempts to access a file or directory, and the system's security policies are configured to monitor such accesses. The message includes placeholders for the path of the accessed object and the name of the policy rule that is monitoring this access.
Developer Interpretation
Developers should interpret this error as informational rather than a failure condition. It indicates that the operation was successful, but the system has recorded the access attempt according to security policies. This can be useful for auditing purposes or compliance with security requirements.
Related Errors
- ERROR_ACCESS_DENIED (5): The operation failed because the user does not have sufficient permissions.
- ERROR_INVALID_PARAMETER (87): One of the parameters passed in the function call was invalid.
- ERROR_FILE_NOT_FOUND (2): The specified file or directory could not be found.
FAQ
Q: What does this error mean?
A: This error indicates that an access attempt to a file or directory has been monitored by security policy rules, but the operation itself was successful. It is used for auditing purposes and does not prevent the operation from completing.
Q: How can I handle this error in my application?
A: Since this is informational, you should continue with your operations as usual. However, if you need to log or audit these accesses, you can use the provided information about the path and policy rule name.
Summary
The ERROR_ACCESS_AUDIT_BY_POLICY error code is used when an access attempt to a file or directory is being monitored by security policies. It indicates that the operation was successful but has been logged for auditing purposes. Developers should treat this as informational rather than an error condition and can use it for compliance with security requirements.