Module 5 / Lesson 2
Audit Trails
1 min read
An audit trail is the durable history of access events and administrative changes, used to answer "who did what, when, and where."
What good audit records show
- Who — the cardholder or operator
- What — the action or decision
- When — an accurate timestamp
- Where — the door, controller, or system object affected
What audit trails are used for
- Investigating incidents (who entered a room, and when)
- Demonstrating compliance with policies and regulations
- Tracking configuration changes (who edited an access level)
An audit trail is only trustworthy if records can't be quietly altered — protect and back up the event history.