Page 322 - CA Final Audit Titanium Full Book. (With Cover Pages)
P. 322
CA Ravi Taori
(CNO—IA.220) Audit Trail
Definition of Audit Trail: Audit Trail (or Edit Log) is a visible trail of evidence enabling one to trace
information contained in statements or reports back to the original input source. Audit trails are a
chronological record of the changes that have been made to the data.Any change to data including creating
new data, updating or deleting data must be recorded.
Audit Trail Records: Records maintained as audit trail may include the following information: when changes
were made i.e., date and time (timestamp), who made the change i.e., User Id, and what data was changed i.e.,
data/transaction reference; success/failure.
Software level V/s Database Level: Audit trails may be enabled at the accounting software level depending on
the features available in such software or same may be captured directly in the database underlying such
accounting software.
Specific Internal controls: In order to demonstrate that the audit trail feature was functional, operated and
was not disabled, a company would have to design and implement specific internal controls (predominantly IT
controls) which in turn, would be evaluated by the auditors, as appropriate.
An illustrative list of internal controls which may be required to be implemented and operated are given
below - Controls to ensure that the audit trail feature has not been disabled or deactivated, User IDs are
assigned to each individual and not shared, changes to configurations are authorized, access to the audit trail is
restricted, and periodic backups of the audit trails are taken and archived as per statutory requirements.
www.auditguru.in 16.10