You are here

Auditing actions

The type of action that is recorded in the audit log includes the following:
  • capture of all electronic records: file, declare, undeclared
  • re-categorization of an electronic record within the file plan: a move
  • any change to any Disposition Schedule (instructions): create, modify, destroy
  • any disposition actions carried out by authorized roles: cutoff, retain, transfer, review, close folder, reopen folder
  • the placing or removal of a disposal hold (freeze) on an object: freeze, unfreeze
  • any change made to any metadata associated with File Plan or electronic records, for example, change to vital record indicator
  • amendment and deletion of metadata by a user
  • any internal or user event triggered by the system or by the user, for example, SUPERSEDED, GAO Audit, End of Fiscal Year, and so on.
  • changes made to the access permissions
  • creation, amendment or deletion of a user or group
  • changes made to the capabilities (functional access permissions)
  • changes made to supplemental markings
  • export and import
  • deletion / destruction of records
  • changes to the auditing levels and settings
  • search operations carried out by users