Audit trail

From Clinfowiki
Jump to: navigation, search

First Definition

Audit Trail- a secure, computer generated, time stamped electronic record that allows reconstruction of the course of events relating to the creation, modification, and deletion of an electronic record.[1]

Computerized Systems Used in Clinical Trials

In 1997, the FDA developed Title 21 Code of Federal Regulations (21 CFR Part 11 FDA), a uniform approach to regulating record keeping, reporting and electronic signature practices for all business function under its control. [1]

  • Persons must use secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. A record is created when it is saved to durable media.
  • Audit trails must be retained for a period at least as long as that required for the subject electronic records (e.g., the study data and records to which they pertain) and must be available for agency review and copying.
  • Personnel who create, modify, or delete electronic records should not be able to modify the audit trails.
  • Clinical investigators should retain either the original or a certified copy of audit trails.
  • FDA personnel should be able to read audit trails both at the study site and at any other location where associated electronic study records are maintained.
  • Audit trails should be created incrementally, in chronological order, and in a manner that does not allow new audit trail information to overwrite existing data.

Second Definition

Audit trail, also called audit log, is a kind of measure for IT system safety and security, which is through recording and maintaining activities of system accesses and processes. According to NIST, an audit trail is continuous and chronological records of all IT system events, including but not limited to user activities, operating system status, any accesses and applications. Typically, audit trail combines with other related tools and applications in order to assist system administrators to detect system problems such as security violations, performance problems, and flaws [2].

Generally speaking, as a standard measure, audit trails are consistently maintained and collected all activities related to accesses and processes of IT system in the background stage without notice. By definition, the process for creation of any given audit trails requires to run in a privileged mode, which means that they can access and monitor all activities from all users. In addition, they are restricted to access by only authorized administrators[3]. Audit trails are not regularly used during daily norm activities until necessary in the following situations, for example, system outages, cyberattacks, and technical problems [4].


  1. 1.0 1.1 US Food and Drug Administration. "Code of federal regulations title 21." Chapter I, Subchapter B, Part 173 (2012).
  2. JOINT TASK FORCE, TRANSFORMATION INITIATIVE, NIST. (2013). Security and Privacy Controls for Federal Information Systems and Organizations. Retrieved from
  3. Wikipedia. (2015). Audit trail. In Wikipedia, the free encyclopedia. Retrieved from
  4. NIST. (2003). AUDIT TRAILS. Retrieved November 25, 2015, from