Are ApplicationAccessPolicy operations (such as creating, updating, or deleting policies) audited or recorded in Microsoft 365 audit logs, or are these activities not captured at all?

Hi @Vishal Kumar 

Thank you for posting your question in the Microsoft Q&A forum. 
Microsoft 365 does not currently log ApplicationAccessPolicy operations in a way that is visible through the Microsoft 365 audit portals. Although cmdlets like New-ApplicationAccessPolicy, Set-ApplicationAccessPolicy, and Remove-ApplicationAccessPolicy are executed via Exchange Online PowerShell, these specific actions are not captured in the Unified Audit Log that feeds into the Microsoft Purview portal. 
For a detailed overview of what activities are currently audited, you can refer to Audit log activities | Microsoft Learn. 
I understand how important it is to have visibility into these kinds of changes for compliance and security auditing. While this limitation can be challenging, your question highlights a broader need for more comprehensive logging around policy-level operations. 

I hope this information is helpful. 

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".   

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.