Policy information indicates that it was changed. Is there a way to determine who changed it and when?

The steps are as follows:

1. In the Enforce UI navigate to the system events page: 

In version 12.x go to System > Servers > Events or in version 14.x go to System > Servers and Detectors > Events. 

2. Select the Advanced Filters & Summarization to add a filter.

3. Select Event Code - Is Any Of and enter the numbers 1204 and 2116 separated with a comma.

4. Click on the Apply button to filter the events for ones like these: 

Code 1204 - Updated policy <name>
Summary:  Updated policy <name>
Detail Policy: <name> has been successfully updated. The current policy version is X. Active channels: DIM. 
 
Code 2116 - Policy changed
Summary: Updated policy <name>
Details: <who changed the policy>
 
If required, change the date range to one of the present ranges or a custom date range.