Audit Trail
Audit Trail Module - User Guide
π‘οΈ Business Impact
The Audit Trail module is your system’s “Black Box” recorder. Implementing this module ensures 100% data accountability, helping you identify unauthorized changes instantly and providing ironclad evidence for statutory audits (ISO, Tax, SOX). It turns “I didn’t do it” into “Let’s check the trail.”
β‘ Quick Start: 2-Minute Setup
For administrators who need to activate or check the trail:
- Enable: Go to Company Master, set Enable Audit Trail Feature to “Yes”.
- Action: Perform any transaction (e.g., Modify a Party or Voucher).
- Note: Enter a clear reason in the mandatory Audit Trail Notes field.
- View: Navigate to Audit Trail menu to see the timestamped log.
πΊοΈ Process Flow: Logging to Forensic Analysis
graph TD
Trigger[User Modifies Record] --> Check[Is Audit Trail Enabled?]
Check -- Yes --> Prompt[Mandatory Audit Note Prompt]
Prompt --> Save[Record Saved + Log Generated]
Check -- No --> SimpleSave[Record Saved (No Log)]
Save --> View[View Audit Trail Index]
View --> Details[Drill-down: Old vs New Values]
style Save fill:#f9f,stroke:#333,stroke-width:2pxβ Prerequisites Checklist
Before you can effectively use the Audit Trail module, ensure:
- System Parameter: “Enable Audit Trail Feature” is checked in Company Master.
- User Permissions: Assigned roles have “Audit Trail Details” access.
- Data Integrity: Note that enabling Audit Trail may restrict certain bulk imports (e.g., Opening Balances) to prevent un-logged data shifts.
1. Introduction π
The Audit Trail module is a specialized forensic tool designed to maintain a transparent history of every significant action within the ERP. It captures the “Who, What, When, and Why” of every data change.
In the overall business flow:
- It runs in the background of every transaction (Sales, Purchase, Accounts, Inventory).
- It acts as a mandatory checkpoint during modifications.
- It serves as the primary source for Internal and External Compliance Audits.
Typically, this module is used by IT Administrators, Finance Heads, and Compliance Officers to ensure the system remains tamper-proof.
2. Getting Started with Audit Trail π
Accessing the Module
To access the Audit Trail, navigate to the System Tools > Audit Trail section from the main menu.
The Index Page
The Index Page provides a high-level overview of all recorded events:
- Audit Trail No: A unique reference for every log entry.
- Doc Type: Specifically shows which module was affected (e.g., Invoice, Party Master).
- Operation: Identifies if the record was Added, Modified, or Deleted.
- User & Date: Shows exactly who performed the action and at what precise second.
3. Features β¨
The Audit Trail module is built with security-first features:
- π΅οΈ Transaction Forensics: Automatically logs the “Birth” (Creation) and “Lifecycle” (Modifications) of every document.
- π Mandatory Notes: If enabled, the system forces the user to enter a reason for any modification or deletion.
- π Old vs. New Comparison: Drill down into any log entry to see exactly which field was changed (e.g., “Changed Unit Rate from 500 to 450”).
- π« Import Protection: To ensure data 100% accountability, the system may block bulk Excel imports (like Opening Balance) if the Audit Trail is active.
- π Excel Export: Generate comprehensive forensic reports for specific date ranges to share with auditors.
- π Connected Documents: Audit trails are linked back to the original source document numbers for easy cross-referencing.
4. Complete Flow π
The typical lifecycle of an Audit Log entry:
Triggering an Event
- A user attempts to Modify or Delete an existing record (e.g., updating a Party’s Credit Limit).
Providing Justification
- If Audit Trail is enabled, a text area for “Audit Trail Notes” appears.
- The user must type a valid reason (e.g., “Updated credit limit as per MD’s approval”).
Data Capture
- The system captures the current state (Old Values) and the proposed state (New Values).
Logging
- Upon saving, the system creates a unique Audit Trail No and stores the timestamp, username, and IP details.
Forensic Review
- Administrators can later open the Audit Trail Detail page to compare fields side-by-side.
5. Validations and Error Handling β οΈ
The system includes strict validations to ensure the trail is never bypassed:
| Validation Type | What is checked? | Error Message / Action |
|---|---|---|
| Mandatory Notes | If “Audit Trail Notes” field is left empty. | “Audit Trail Notes must be filled” |
| Import Restriction | Attempting a bulk import while Audit Trail is active. | “You cannot import as Audit Trail is enabled.” |
| Notes Length | Ensuring notes don’t exceed the character limit (usually 250 characters). | “Audit Trail Notes can be up to 250 characters only.” |
| Access Control | Unauthorized user trying to view the trail. | Redirects to “Access Denied” page. |
6. Tools / Smart Features π§
- π Export to Excel: A dedicated tool to download records for offline analysis using the Date Range selector.
- π§ Smart Tracking: The system only logs fields that were actually changed, reducing “noise” in your reports.
- π±οΈ One-Click Drilldown: Click on any Audit Trail No to instantly see the granular field-level changes.
7. Reports Related to Audit Trail π
- π Audit Trail Statement: A comprehensive log of all activities within a selected date range.
- π΅οΈ User Activity Report: Filter the trail to see all actions performed by a specific individual.
- π Deletion Log: Specifically tracks all “Delete” operationsβcrucial for identifying potential data loss or fraud.
8. Pre-settings / Configurations βοΈ
Before using the module, ensure the following are configured:
- ποΈ Company Master/Details:
- Enable Audit Trail Feature: Set to Yes to begin logging.
- π€ User Roles:
- Ensure roles are correctly mapped to view the “AuditTrailDetails” page.
- π οΈ System Parameters:
- Some modules may have additional specific audit triggers that can be fine-tuned.
9. Best Practices / Tips π‘
- Be Specific in Notes: Instead of writing “Updated,” write “Updated price as per email dated 10-Oct.” It saves hours of investigation later.
- Regular Reviews: IT Managers should review the Audit Trail at least once a month, specifically focusing on “Delete” operations.
- Export & Archive: Export your Audit Trail quarterly and store it in your company’s secure digital vault for long-term compliance.
- The “Two-User” Rule: Use the trail to verify that high-value vouchers created by a junior are only modified by an authorized senior.
10. Additional Observations π
β οΈ Critical Note on Operations
- Permanent Records: Once an Audit Log is created, it cannot be deleted or modified by any user, including administrators. It is a permanent record of truth.
- Performance Impact: While minimal, logging every change adds a fractional overhead to save times. Use only on modules where accountability is critical.
- Note Requirement: If you find you cannot save a record, check if a new text field labelled “Audit Trail Notes” has appeared at the bottom of the formβit’s likely mandatory!