Audit trail

From CryptoDox, The Online Encyclopedia on Cryptography and Information Security

Jump to: navigation, search

An audit trail or audit log is a chronological sequence of audit records, each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function.

Audit records typically result from activities such as transactions or communications by individual people, systems, accounts or other entities.

Webopedia defines an audit trail as "a record showing who has accessed a computer system and what operations he or she has performed during a given period of time." ([1])

In telecommunication, the term means a record of both completed and attempted accesses and service, or data forming a logical path linking a sequence of events, used to trace the transactions that have affected the contents of a record.

In information or communications security, information audit means a chronological record of system activities to enable the reconstruction and examination of the sequence of events and/or changes in an event.

In nursing research, it refers to the act of maintaining a running log or journal of decisions relating to a research project, thus making clear the steps taken and changes made to the original protocol.

In accounting, it refers to documentation of detailed transactions supporting summary ledger entries. This documentation may be on paper or electronic records.

The process that creates audit trail should always run in a privileged mode, so it could access and supervise all actions from all users, and normal user could not stop/change it. Furthermore, for the same reason, trail file or database table with a trail should not be accessible to normal users.

In what relates to audit trail, it is also very much important to take into consideration the liability issues of your audit trails, as many times in case of dispute, these audit trails can work as an evidence for some incident.

See also


Mortgage - Flights - Loans - Homeowner Loans