using System.Security;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;

string SID = auditRecord.UserNameOrSID; // get the SID in base64 via HLAPI
byte[] sidBytes = Convert.FromBase64String(SID); // convert the base64 to byte array
SecurityIdentifier sid = new SecurityIdentifier(sidBytes, 0);
SID = sid.Translate(typeof(NTAccount)).ToString(); // convert to SID