You will normally have people whose job it is to access audit data, create reports, and analyze those reports. Most of them do not, and should not, have the privileges to change audit policy or maintain the audit data. That is why you can grant audit read privileges to individual user accounts. Determine which individuals require this ability and have the audit administrator grant that privilege to those user accounts.