Menu

Glossary

Audit Trail

An audit trail is a secure, computer-generated, time-stamped record that logs every action taken on a piece of data or document, capturing who did it, what changed, and when. In document AI and commercial real estate workflows, it records each extraction, edit, and approval so any final value can be traced back through its full history.

What Is an Audit Trail?

An audit trail is a chronological, tamper-evident log that independently records the creation, modification, and deletion of records. Per FDA 21 CFR Part 11, section 11.10(e), compliant systems must use computer-generated, time-stamped audit trails that record the date and time of operator entries and actions. It answers who, what, and when for every change.

The core fields of an audit trail are consistent across regulated and unregulated systems. Each entry ties an actor to an action, a timestamp, and the values before and after the change. In document AI, an extracted value that a reviewer corrects generates an entry showing the original machine output, the human-corrected value, the user, and the moment of the edit.

Field

What it records

Who

The unique user or system that performed the action

What

The action: create, modify, delete, approve, or void

When

Exact date and time from a synchronized clock, often ISO 8601

Before and after

The value prior to the change and the value after it

Why

An optional reason for change, required when data is altered

Why an Audit Trail Matters

An audit trail matters because a value with no history is a value no one can defend. It converts a static number into a reviewable record showing who touched it and when. Per the FDA's data integrity guidance, audit trails are the practical expression of the ALCOA principles: Attributable, Legible, Contemporaneous, Original, and Accurate.

In commercial real estate, extracted figures flow into models that move valuations and clear investment committees. When a base rent or expiration date is later disputed, the audit trail is what separates a defensible record from a guess. It shows whether a machine produced the value, whether a human reviewed it, and whether it was changed after approval.

The quotable principle: an audit trail turns "trust me" into "check the log." That is the difference between a number you can stand behind in diligence and one you cannot.

Example

A reviewer processes a 30-page lease through an extraction system. The system pulls 60 fields, the reviewer corrects 4, and an approver signs off. The audit trail records each event with an actor and timestamp. The table below shows four representative entries from that one document's log.

Timestamp (UTC)

User

Field

Before

After

2026-07-02 14:02:11

system

Base Rent PSF

(none)

$32.50

2026-07-02 14:31:47

j.reyes

Base Rent PSF

$32.50

$34.00

2026-07-02 14:33:05

j.reyes

Expiration Date

2029-11-30

2030-01-31

2026-07-02 15:10:22

m.okafor

Document Status

In Review

Approved

The log makes the full history legible. Of 60 extracted fields, 56 passed unchanged and 4 were corrected by user j.reyes, a 6.7% correction rate on this document, derived as 4 divided by 60. If the base rent is later questioned, the trail shows the machine reported $32.50, a named reviewer raised it to $34.00 at 14:31, and an approver finalized the document at 15:10. Nothing about the number is unaccounted for.

Variations and Edge Cases

Audit trails differ in how much they capture and how strongly they resist tampering. A basic log records only edits; a strict one records reads, exports, and reasons for change. The variants below determine how much a trail can prove after the fact.

Variant

Treatment

Change-only log

Records creates, edits, and deletes, but not views

Full-access log

Also records reads, exports, and prints for sensitive data

Reason-for-change

Requires a documented justification when a value is altered

Immutable trail

Write-once storage that cannot be edited after the fact

Retention window

How long entries are kept before archiving or purge

The common failure is a trail that can be switched off or overwritten. If a user can disable logging or edit past entries, the audit trail proves nothing. Regulators treat an alterable or optional audit trail as equivalent to no audit trail, which is why immutability and always-on capture are the load-bearing properties.

Audit Trail vs Version History

An audit trail is often confused with version history, and both track change over time, but they answer different questions. Version history stores snapshots of a document at points in time, letting you restore an earlier state. An audit trail records the discrete actions between those states: who changed what field, when, and why.

Version history tells you what the document looked like yesterday. An audit trail tells you that user j.reyes raised base rent from $32.50 to $34.00 at 14:31 and that an approver signed off 40 minutes later. Version history is for recovery; an audit trail is for accountability, and only the audit trail attributes each change to an actor.

Frequently Asked Questions

What is an audit trail in data and document management?An audit trail in data and document management is a secure, time-stamped log that records every create, modify, and delete action on a record, capturing who performed it and when. It makes each value traceable to its full history so a final figure can be verified rather than trusted.

What information must an audit trail capture?An audit trail must capture who performed an action, what the action was, when it occurred, and the values before and after the change. Under FDA 21 CFR Part 11, section 11.10(e), it must be computer-generated and time-stamped, and it should record a reason for change when data is altered.

How is an audit trail different from version history?Version history stores snapshots of a document so you can restore an earlier state, while an audit trail records the individual actions between states, attributing each change to a user with a timestamp. Version history is for recovery; an audit trail is for accountability.

Related Terms

  • Source Citation

  • Human-in-the-Loop

  • Confidence Score

  • Document Extraction

  • Due Diligence