What is an audit trail?

An audit trail is a record of actions and events that documents who did what and when in a system. This creates accountability and traceability, letting you reconstruct activity, verify compliance, and support security investigations. It goes beyond simply tracking performance or physical movement because it captures the sequence of user actions, system events, timestamps, and often identifiers like user IDs or IP addresses, which are essential for forensic analysis and non-repudiation. The description in this context matches the purpose of maintaining a log of user actions and system events for accountability. The other options describe a physical asset log, a policy document, or performance-focused records, which don’t capture the ongoing, verifiable activity history that an audit trail provides.