Audit trails are the auxiliary records that are created which record transactions and other events. Of the many reasons for having audit trails, here are a few:
Enforcement of accountability: Employees tend to be more accountable for their actions when they know that audit trails capture the details of those actions.
Investigation: Investigators who need to trace the actions of an individual’s activities can rely on audit trails to see what that person did.
Event reconstruction: Analysts may need to understand and reconstruct a complex event. Without audit trails, event reconstruction could be an exercise in futility.
Problem identification: Audit trails can help an analyst or engineer identify and rectify the root cause of a problem.
Anatomy of an audit record