What they do
Audit logs capture the required information such as who did it, when the action occurred, what data got changed. At times it is also helpful to additionally record a per-defined description.
System Anomaly
Domain experts apply knowledge and judgment of business anomalies to inform the team members about such anomalies through audit log alerts.
Compliance
Audit logs are primarily used by organizations to document a historical record of activity for systemic or regulatory compliance purpose.
Example
One of the real-world examples of audit log can be storing all CCTV feeds for the law enforcement agencies to audit any activity over any past event including their own reactions.
Benefits
The benefit of an audit log has certainly helped our clients in
- Maintaining a compliance system that meets the industry regulations
- Maintain data integrity during the whole process of preparation of compliance reports
- Audit the admin and user activity in accessing the data and reports on need basis
- Providing evidences as and when required by regulators
While all of this are a need for any large system working in the area of transaction, compliance and business integrity such as financial institutions, it is still challenging to design an audit logging system. In a software system, there are field level data, user level activity data and role level data for each byte of data that is going through a processing and hence when we deal with millions of data records, the log tends to become humongous. So, prioritizing what to log what level and create levels for detailing as and when needed is one of the needs for any built-in system clients look for.
November 2023
Introduction
Audit logging is defined as the process of capturing all the activities happening in a system and to scrutinize the integrity of both action and data. This begins with tracking a well-defined set of sensitive actives within the system.
Tracking an activity means to capture either event based or time based, or alert based or action-based activities. Audit logging also capture other required information such as who did it, when the action occurred, what data got changed. At times it is also helpful to additionally record a pre-defined description along with the log.
Audit logging also comes with systems that can have monitoring methods to capture anomalies. System administrators apply their domain knowledge and judgment of business anomalies to inform the team members about such anomalies. Which is also called alerting. Hence, we now know that audit logs, monitoring and alerting makes a good proactive compliance process.
Sometime we get confused between logging and audit logging. Logging is an activity that is required to keep the system working and is useful for up-keeping of the system over a long period of time. Whereas audit logs are primarily used by organizations to document a historical record of activity for systemic or regulatory compliance purpose.
Audit logging is under discussion only when there is large amount of data gathered over a period of time, across multiple systems and such system needs to be intelligent and accurate while also not demanded to be providing results instantly.
VSM system
At VSM we work with millions of records of private data and transactional logs of user activity to help organizations prepare compliance reports submitted to multiple international agencies. While such reports ought to be accurate, at the same time, the integrity of the input data must also be maintained as well as the results over a long period of time in the system. We recently implemented a state-of-the art audit log system that not only brings the facility of capturing logs from the system, but also provides an interface to search, filter and visualize the data by the administrators by doing basic configuration changes.
Data Security
Audit logs are always are the most sensitive piece of information vulnerable to deletion and unauthorized access in itself. In order to prevent any editing of the audit information, it is always essential to design a system whose data is protected also from its own creators with an audit logging that is built on top of the system itself.
Any well-designed system must always provide an audit logging system that is configurable, consistent, easy to use and come with a pre-built alert system. When building our FATCA compliance system, this was exactly in our mind for all our banking clients.