By Shilpa Jayaram on Nov 7, 2016 4:08:04 AM
Can we imagine a system in the IT industry that does not give its administrators a full view of the user's actions? What if an organization fails to monitor the session activities of its users, especially internal users who have privileged rights, and a data breach happens in such a situation? What if an important functionality of an application breaks or stops working? Or, what if a hacker makes it to one of your machines?
This is when the audit trails come in handy!
What exactly is an Audit Trail?
An audit trail consists of a set of records that documents every step in a business transaction chronologically. The user audit trail will be the most valuable information that will help provide a complete activity timeline of what the user did from login to logout.
Audit trails are not just big files that eat up your server’s hard disk space. They contain a wealth of information and play several important roles in IT and web security. Before audit data being recorded by computers, establishing an audit trail used to be a matter of maintaining strict bound books and excellent record-keeping.
An audit trail that relies upon a user to update it is no real audit trail at all. So, make sure your system records all of the relevant transaction information automatically to build a rock-solid audit trail. It could make your job a lot easier... and safer!
The benefits of having a detailed audit trail
Audit trails can play an important part in a business’ overall risk management strategy, demonstrating to customers, business partners, and regulators that an organization has made a thorough effort to protect against and prevent potential problems before they occur. Audit trails can be used as proof of regulatory compliance during an audit and can help a company fulfill its record-keeping requirements for compliance purposes.
Because an audit trail tracks how long and how frequently individual users access a system, it can be used to gain insight into which investors or potential partners are most interested in a business, enabling the company to be more strategic with its negotiations. Tracking all user activities with an audit trail offers both startups and established companies the insight and oversight abilities they need to increase efficiency and security in a reliable, provable way.
Having easy access to a comprehensive list of transactions and when they occurred is a great place to start when tracking down an error. Even more important is that the list is both trustworthy and automatically captured.
Audit trail – Not just a good-to-have feature, but a 21 CFR Part 11 requirement
Maintaining an audit trail is a 21 CFR Part 11 compliance requirement. Some auditors will not be satisfied with an audit trail that only a database expert who understands the exact data model behind the system can interpret. Audit trails must be viewable/accessible to end-users. For example, in the pharmaceutical world, a site coordinator should be able to see all changes made to an eCRF, by who, and when, without having to go through SQL. So a subset of the audit trail must be consumable by end-users. This subset includes:
All modifications to data and meta-data (eg, someone changes an eCRF design). All system logins and attempted logins.
An audit trail must include a timestamp, as well as the account name and IP address of the user.
The above information should be viewable by an end-user. Of course, there needs to be access control on the audit trails so that a user cannot view information about another user or site that they are not allowed to see.
Readily accessible audit trails are very useful for investigating unexpected changes to eCRFs and data, and to determine whether a potential security or privacy breach has resulted in inappropriate disclosure of personal information.
That’s enough theory! Let us look at some technologies that audit trails can be implemented using, based on user requirements.
- DB Triggers are a few…
The technical details of each of these have still to come through – watch this space.
There are issues with storing such a large volume of data, but there are also good architectural solutions to make this work. Therefore, storage should not be a reason for not having good audit trails.