A record of transactions in an information system that provides verification of the activity of the system. The simplest audit trail is the transaction itself. If a person's salary is increased, the change transaction includes the date, amount of raise and name of authorizing manager.
A more elaborate audit trail can be created when the system is being verified for accuracy; for example, samples of processing results can be recorded at various stages. Item counts and hash totals are used to verify that all input has been processed through the system.
Routine Queries Are Typically Exempt
An audit trail can include any activity whatsoever, but transactions that do not effect a change are often not recorded. For example, ad hoc searches and database lookups may not be identified in an audit trail. However, if queries and searches are monitored and recorded, they can be invaluable for tracking a malicious hacker or employee. See information security