diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5617f85b..c033098b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased]
+### Added
+
+- Chart: Allow to enable `auditd` service through `global.components.auditd.enabled`.
+
## [1.0.0] - 2024-07-24
### Changed
diff --git a/helm/cluster/README.md b/helm/cluster/README.md
index 31bba6d8..af45a8e6 100644
--- a/helm/cluster/README.md
+++ b/helm/cluster/README.md
@@ -193,6 +193,8 @@ Advanced configuration of components that are running on all nodes.
| **Property** | **Description** | **More Details** |
| :----------- | :-------------- | :--------------- |
+| `global.components.auditd` | **Auditd** - Enable Auditd service.|**Type:** `object`
|
+| `global.components.auditd.enabled` | **Enabled** - Whether or not the Auditd service shall be enabled. When true, the Auditd service is enabled. When false, the Auditd service is disabled.|**Type:** `boolean`
**Default:** `false`|
| `global.components.containerd` | **Containerd** - Configuration of containerd.|**Type:** `object`
|
| `global.components.containerd.containerRegistries` | **Container registries** - Endpoints and credentials configuration for container registries.|**Type:** `object`
**Default:** `{"docker.io":[{"endpoint":"registry-1.docker.io"},{"endpoint":"giantswarm.azurecr.io"}],"gsoci.azurecr.io":[{"endpoint":"gsoci.azurecr.io"}]}`|
| `global.components.containerd.containerRegistries.*` | **Registries** - Container registries and mirrors|**Type:** `array`
|
diff --git a/helm/cluster/templates/clusterapi/_helpers_files.tpl b/helm/cluster/templates/clusterapi/_helpers_files.tpl
index 8f7bf6d8..b2dac3f1 100644
--- a/helm/cluster/templates/clusterapi/_helpers_files.tpl
+++ b/helm/cluster/templates/clusterapi/_helpers_files.tpl
@@ -123,11 +123,13 @@ and is used to join the node to the teleport cluster.
{{/* Audit rules for all nodes */}}
{{- define "cluster.internal.kubeadm.files.auditrules" }}
+{{- if $.Values.global.components.auditd.enabled }}
- path: /etc/audit/rules.d/99-default.rules
permissions: "0640"
encoding: base64
content: {{ $.Files.Get "files/etc/audit/rules.d/99-default.rules" | b64enc }}
{{- end }}
+{{- end }}
{{/* Provider-specific files for all nodes */}}
{{- define "cluster.internal.kubeadm.files.provider" }}
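Review bot: Wrapping the existing `- path: /etc/audit/rules.d/99-default.rules` entry in `{{- if $.Values.global.components.auditd.enabled }}` turns a file that was previously written unconditionally into an opt-in, and because the new default in the values.yaml and values.schema.json hunks is `false`, every cluster rendered without an explicit override stops receiving the default audit rules (and, per the _helpers_flatcar.tpl hunk, gets `auditd.service` disabled) on its next upgrade. The CHANGELOG entry reads as a pure addition ("Allow to enable"), which does not signal this loss of host-level audit coverage. If the previous behaviour is meant to be preserved, the default in values.yaml should be `enabled: true` with the schema `"default": true` to match; otherwise the CHANGELOG should state plainly that auditd and its rules are now disabled by default. I believe the template would fail rather than fall back if `global.components.auditd` were absent from the merged values, which the values.yaml default presumably covers — worth confirming against the chart's override paths.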
diff --git a/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl b/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl
index c8cd5690..1666582d 100644
--- a/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl
+++ b/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl
@@ -181,6 +181,7 @@
CPUAccounting=true
MemoryAccounting=true
Slice=kubereserved.slice
+{{- if $.Values.global.components.auditd.enabled }}
- name: audit-rules.service
enabled: true
dropins:
@@ -189,6 +190,10 @@
[Service]
ExecStartPre=/bin/bash -c "while [ ! -f /etc/audit/rules.d/containerd.rules ]; do echo 'Waiting for /etc/audit/rules.d/containerd.rules to be written' && sleep 1; done"
Restart=on-failure
+{{- else }}
+- name: auditd.service
+ enabled: false
+{{- end }}
{{- end }}
{{- define "cluster.internal.kubeadm.ignition.containerLinuxConfig.additionalConfig.systemd.units.teleport" }}
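Review bot: The `{{- else }}` branch explicitly sets `auditd.service` to `enabled: false`, but the enabled branch only manages `audit-rules.service` and never declares `auditd.service` itself, so actually starting auditd when the flag is true relies on the base image enabling that unit by default — presumably it does on Flatcar, but nothing here shows it. Making the two branches symmetric removes that dependency: add `- name: auditd.service` followed by `  enabled: true` immediately before `- name: audit-rules.service` inside the `if` branch. The enclosing define opens before the first hunk of this file, so I cannot confirm from the hunk that `$` resolves to the chart root at every call site of this template; the new guard assumes it does.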
diff --git a/helm/cluster/values.schema.json b/helm/cluster/values.schema.json
index f474d077..091ef1b3 100644
--- a/helm/cluster/values.schema.json
+++ b/helm/cluster/values.schema.json
@@ -1166,6 +1166,20 @@
"description": "Advanced configuration of components that are running on all nodes.",
"additionalProperties": false,
"properties": {
+ "auditd": {
+ "type": "object",
+ "title": "Auditd",
+ "description": "Enable Auditd service.",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "title": "Enabled",
+ "description": "Whether or not the Auditd service shall be enabled. When true, the Auditd service is enabled. When false, the Auditd service is disabled.",
+ "default": false
+ }
+ }
+ },
"containerd": {
"type": "object",
"title": "Containerd",
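Review bot: The `description` for `auditd` ("Enable Auditd service.") and for `enabled` mention only the service, while the same flag also decides whether `/etc/audit/rules.d/99-default.rules` is written by `cluster.internal.kubeadm.files.auditrules`, so a reader of the schema (and of the README table, which appears to mirror these strings) will not learn that disabling it also drops the default audit rules. Suggest `"description": "Enable the Auditd service and the default audit rules file on all nodes.",` for the object, and extending the `enabled` description with the same point rather than restating "enabled/disabled" twice.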
diff --git a/helm/cluster/values.yaml b/helm/cluster/values.yaml
index c43bd779..404ee1da 100644
--- a/helm/cluster/values.yaml
+++ b/helm/cluster/values.yaml
@@ -26,6 +26,8 @@ global:
verticalPodAutoscaler: {}
verticalPodAutoscalerCrd: {}
components:
+ auditd:
+ enabled: false
containerd:
containerRegistries:
docker.io:
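Review bot: The new `auditd:` block carries no comment explaining the consequence of the `false` default, which is the one value an operator is likely to look at when deciding whether to override it. Suggest a comment directly above `auditd:` at the same indent, such as `# When false (the default), the auditd service is disabled and /etc/audit/rules.d/99-default.rules is not written on any node.` The block style matches the neighbouring `containerd:` entry, which is fine.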