FAILURE

    Indicates that all unsuccessful attempts at accessing the object
    are to be logged by the security audit logger. For example, if
    the auditing criteria is a failure to obtain write access to an
    object, specify the following Alarm ACE:

    (ALARM=SECURITY, ACCESS=WRITE+FAILURE)