How to audit modifications done to access levels

We have a situation where one of the access level was modified. How to capture who and when

AUDIT_EVENT lists all events However what are the distinct event_type_id and their meanings