Flow GRC Docs

Audit Log - Comprehensive Audit Trail and Compliance Tracking

View comprehensive audit logs of all system activities, changes, and user actions for compliance and security monitoring

The Audit Log provides a comprehensive record of all activities, changes, and user actions within Flow, enabling organizations to maintain complete audit trails for compliance, security monitoring, and accountability.

Overview

Audit Log enables organizations to:

  • Complete Activity Tracking - Record all system activities and changes
  • User Action Monitoring - Track who did what and when
  • Change History - View before/after values for all changes
  • Compliance Support - Maintain audit trails for compliance requirements
  • Security Monitoring - Monitor for suspicious activities
  • Accountability - Ensure user accountability for actions

What's Logged

Risk Management Activities

All risk-related activities are logged:

  • Risk Creation - New risks added to register
  • Risk Updates - Changes to risk details, scores, status
  • Risk Deletion - Risks removed from register
  • Risk Treatment Changes - Treatment type and rationale updates
  • Review Scheduling - Review date changes
  • Owner Assignment - Risk owner changes

Control Management Activities

Control activities are tracked:

  • Control Creation - New controls added
  • Control Updates - Control details and effectiveness changes
  • Control Deletion - Controls removed
  • Effectiveness Updates - Control effectiveness rating changes
  • Framework Linking - Control-framework associations

Action Management Activities

Action tracking includes:

  • Action Creation - New actions created
  • Action Updates - Status, assignee, due date changes
  • Action Completion - Actions marked as complete
  • Action Deletion - Actions removed

Compliance Activities

Compliance activities are logged:

  • Compliance Item Creation - New compliance items added
  • Compliance Status Changes - Implementation status updates
  • Evidence Upload - Evidence items added or updated
  • Assessment Creation - Compliance assessments created
  • Framework Selection - Framework selection changes

System Activities

System-level activities tracked:

  • User Login/Logout - Authentication events
  • Settings Changes - Organization settings modifications
  • User Management - User additions, role changes, removals
  • Data Exports - Export activities logged
  • Bulk Operations - Bulk import/update activities

Audit Log Details

Log Entry Information

Each audit log entry contains:

  • Timestamp - Exact date and time of activity
  • User - User who performed the action
  • Action - Type of action performed
  • Entity Type - Type of entity affected (risk, control, action, etc.)
  • Entity ID - Identifier of affected entity
  • Before Value - Previous value (for updates)
  • After Value - New value (for updates)
  • Description - Human-readable description of action

Action Types

Common action types logged:

  • Create - New entity created
  • Update - Entity modified
  • Delete - Entity removed
  • Assign - Assignment changed
  • Status Change - Status updated
  • Export - Data exported
  • Import - Data imported
  • Login - User logged in
  • Logout - User logged out

Viewing Audit Logs

Audit Log Table

The audit log displays:

  • Date & Time - When the action occurred
  • User - Who performed the action
  • Action - What action was performed
  • Entity - What entity was affected
  • Details - Additional details about the action
  • Changes - Before/after values (for updates)

Filtering Options

Filter audit logs by:

  • Date Range - Filter by time period
  • User - Filter by specific user
  • Action Type - Filter by action type
  • Entity Type - Filter by entity type (risk, control, etc.)
  • Search - Search by description or details

Sorting

Sort audit logs by:

  • Date - Most recent first (default)
  • User - Alphabetical by user
  • Action - Group by action type
  • Entity - Group by entity type

Audit Log Features

Detailed View

Click any log entry to view:

  • Complete Details - Full information about the action
  • Before/After Comparison - Side-by-side comparison for updates
  • Related Entities - Links to related entities
  • User Information - Details about the user who performed action
  • Context - Additional context about the action

Export Capabilities

Export audit logs for:

  • Compliance Reporting - Export for audit purposes
  • Analysis - Export for further analysis
  • Archival - Export for long-term storage
  • Investigation - Export for security investigations

Search Functionality

Search audit logs by:

  • Keywords - Search in descriptions and details
  • User Names - Find actions by specific users
  • Entity Names - Find actions on specific entities
  • Date Ranges - Search within time periods

Compliance Support

Audit Trail Requirements

Audit logs support compliance requirements:

  • SOX Compliance - Track financial control changes
  • ISO 27001 - Maintain security audit trails
  • SOC 2 - Demonstrate access controls and monitoring
  • GDPR - Track data access and modifications
  • HIPAA - Monitor PHI access and changes

Retention Policies

Audit logs are retained:

  • Standard Retention - 7 years (configurable)
  • Compliance Retention - Extended retention for compliance
  • Archival - Automatic archival of old logs
  • Export - Export for external storage

Security Monitoring

Suspicious Activity Detection

Monitor for:

  • Unusual Access Patterns - Multiple logins from unusual locations
  • Bulk Deletions - Large numbers of deletions
  • Unauthorized Changes - Changes by unauthorized users
  • After-Hours Activity - Activity outside business hours
  • Failed Actions - Failed login attempts or permission errors

Alert Configuration

Configure alerts for:

  • Critical Actions - Alerts for high-risk actions
  • Bulk Operations - Alerts for bulk changes
  • Unauthorized Access - Alerts for access violations
  • Data Exports - Alerts for sensitive data exports

Best Practices

Regular Review

  • Daily Monitoring - Review critical activities daily
  • Weekly Analysis - Analyze patterns weekly
  • Monthly Reports - Generate monthly audit reports
  • Quarterly Review - Comprehensive quarterly review

Access Control

  • Restricted Access - Limit audit log access to authorized users
  • Read-Only Access - Audit logs should be read-only
  • Separation of Duties - Different users for operations and audit review

Documentation

  • Retention Policies - Document retention requirements
  • Review Procedures - Document review procedures
  • Incident Response - Document incident response procedures
  • Compliance Mapping - Map audit logs to compliance requirements

Getting Started

  1. Access Audit Log - Navigate to Audit Log page
  2. Review Recent Activity - Check recent activities
  3. Set Up Filters - Configure filters for your needs
  4. Set Up Alerts - Configure alerts for critical activities
  5. Export Logs - Export logs for compliance or analysis
  6. Regular Review - Schedule regular audit log reviews

The Audit Log provides complete transparency and accountability, ensuring all activities are tracked and available for compliance, security, and operational purposes.

Next Steps

Introduction

Search Documentation

Search through documentation, navigate to pages, or run quick actions