The type of action that is recorded in the audit log
includes the following:
- capture of all electronic records: file, declare, undeclared
- re-categorization of an electronic record within the file plan: a move
- any change to any Disposition Schedule (instructions): create, modify, destroy
- any disposition actions carried out by authorized roles: cutoff, retain, transfer, review, close folder, reopen folder
- the placing or removal of a disposal hold (freeze) on an object: freeze, unfreeze
- any change made to any metadata associated with File Plan or electronic records, for example, change to vital record indicator
- amendment and deletion of metadata by a user
- any internal or user event triggered by the system or by the user, for example, SUPERSEDED, GAO Audit, End of Fiscal Year, and so on.
- changes made to the access permissions
- creation, amendment or deletion of a user or group
- changes made to the capabilities (functional access permissions)
- changes made to supplemental markings
- export and import
- deletion / destruction of records
- changes to the auditing levels and settings
- search operations carried out by users