Audit Trails

Workflow provides audit trail capability that allows you to keep a traceable record of actions that are performed within your system. Actions that regulators are concerned with are typically those actions that commonly occur in a production environment.

The audit trail is a key component in a 21 CFR Part 11 compliant system, but it can also be useful in many different applications. The electronic signature audit trail contains a computer-generated, time-stamped record of each electronic signature. Each record clearly identifies all pertinent information about the person who entered the signature, such as the person's name, the time the signature was entered, and, optionally, comments provided by the signer.

Enabling a workflow may require auditing because that is when the workflow changes are entering the live process. Actions that are rarely performed can be tracked by using a manual paper system.

When an action that is configured to be audited takes place, an audit record is written to the SQL Server database. The audit entry in the database includes the following information:

  • A time stamp indicating when the record was created.
  • An optional time stamp indicating when the action took place.
  • The location where the action took place (that is, the assigned equipment resource).
  • User context, which is any information related to the audit record and can include a bind to a workflow variable and/or an expression.
  • The associated topic.

Auditing can be enabled or disabled on a per topic basis; however, audit configuration changes and electronic signatures are always audited, regardless of whether the global auditing is enabled or disabled.