Audit trail

An audit trail (also called audit log) is a security-relevant chronological record, set of records, and/or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, event, or device.^[1]^[2] Audit records typically result from activities such as financial transactions,^[3] scientific research and health care data transactions,^[4] or communications by individual people, systems, accounts, or other entities.

The process that creates an audit trail is typically required to always run in a privileged mode, so it can access and supervise all actions from all users; a normal user should not be allowed to stop/change it. Furthermore, for the same reason, the trail file or database table with a trail should not be accessible to normal users. Another way of handling this issue is through the use of a role-based security model in the software.^[5] The software can operate with the closed-looped controls, or as a 'closed system', as required by many companies when using audit trail functionality.

^ "National Information Assurance (IA) Glossary" (PDF). Committee on National Security Systems. 7 August 1996. p. 4. Archived from the original (PDF) on 27 February 2012. Retrieved 7 March 2012.
^ "ATIS Telecom Glossary 2012 - audit trail". Alliance for Telecommunications Industry Solutions (ATIS) Committee PRQC. 2012. Archived from the original on 13 March 2013. Retrieved 7 March 2012.
^ "SEC Proposes Consolidated Audit Trail System to Better Track Market Trades". U.S. Securities and Exchange Commission. 26 May 2010. Retrieved 7 March 2012.
^ "Electronic Code of Federal Regulations - Title 21: Food and Drugs - Part 11: Electronic Records; Electronic Signatures". U.S. Government Printing Office. Archived from the original on 8 June 2010. Retrieved 2 March 2012.
^ Brancik, Kenneth C. (2007). "Chapter 2: Related Research in Insider Computer Fraud and Information Security Controls". Insider computer fraud: an in-depth framework for detecting and defending against insider IT attacks. CRC Press. pp. 18–19. ISBN 978-1-4200-4659-5.

[1] "National Information Assurance (IA) Glossary" (PDF). Committee on National Security Systems. 7 August 1996. p. 4. Archived from the original (PDF) on 27 February 2012. Retrieved 7 March 2012.

[2] "ATIS Telecom Glossary 2012 - audit trail". Alliance for Telecommunications Industry Solutions (ATIS) Committee PRQC. 2012. Archived from the original on 13 March 2013. Retrieved 7 March 2012.

[3] "SEC Proposes Consolidated Audit Trail System to Better Track Market Trades". U.S. Securities and Exchange Commission. 26 May 2010. Retrieved 7 March 2012.

[4] "Electronic Code of Federal Regulations - Title 21: Food and Drugs - Part 11: Electronic Records; Electronic Signatures". U.S. Government Printing Office. Archived from the original on 8 June 2010. Retrieved 2 March 2012.

[5] Brancik, Kenneth C. (2007). "Chapter 2: Related Research in Insider Computer Fraud and Information Security Controls". Insider computer fraud: an in-depth framework for detecting and defending against insider IT attacks. CRC Press. pp. 18–19. ISBN 978-1-4200-4659-5.

[1]

[2]

[3]

[4]

[5]