Viewing Audit Trails

Vault CDMS automatically collects and records information about any data entry, change, or action taken on any data, including system-generated data. You can view the details of the updates to any electronic record. Each audit entry includes the timestamp, user name, affected object, and a description of the event. If you have the required permissions, you can view audit trail information for the following study objects:

  • Casebooks (Data Entry tab only)
  • Events
  • Event Dates (Review tab only)
  • Forms
  • Items
  • Form Links
  • Protocol Deviations (Review tab only)
  • Visit Method

Vault Coding also records an audit trail for Code Requests. Learn more about how to view the audit trail for Code Requests here

Viewing the Audit Trail

You can view the audit trail of an individual object record.

Data Entry Tab

Users with permission to access the Data Entry tab can view audit trails from there.

To view the audit trail from the Data Entry tab:

  1. From the Data Entry tab, use the breadcrumb menu to navigate down to a form record.
  2. Select the audit trail action for the type of record you want to view:
    • For Casebooks, select Casebook Audit Trail from the casebook schedule’s Actions menu.
    • For Events, select Event Audit Trail from the event’s More Actions menu.
    • For Forms, select Form Audit Trail from form’s Actions menu.
    • For Items, select Item Audit Trail from the item’s More Actions menu.
    • For Form Links, select Form Link Audit Trail from the form link’s More Actions menu.
  3. The Audit Trail dialog opens. Click X to return to the object record page.

Review Tab

If the Review tab is enabled in your vault, users with permission to access that tab can view audit trails from there.

To view the audit trail from the Review tab:

  1. Use the breadcrumb menu to navigate down to the record you want to view.
  2. Select the audit trail action for the type of record you want to view:
    • For Events, select Event Audit Trail from the event’s More Actions menu.
    • For Event Dates, select Event Date Audit Trail from the event date’s More Actions menu.
    • For Forms, select Form Audit Trail from the form’s More Actions menu.
    • For Items, select Item Audit Trail from the item’s More Actions menu.
    • For Form Links, select Form Link Audit Trail from the form link’s More Actions menu.
    • For Protocol Deviations, select Protocol Deviation Audit Trail from the protocol deviation’s More Actions menu.
    • For Visit Method, select Visit Method Audit Trail from the visit method’s More Actions menu.
  3. The Audit Trail dialog opens. Click X to return to the object record page.

Audit Trail Contents

The audit trail contains the following columns:

  • Timestamp: The datetime of the change based on the timezone of the logged-in user
  • Username: The username of the user making the change, or the system. For more information about the username, see Audit Trail Username
  • Event Description: The change that was made

Audit Trail Username Column

The username column of the audit trail displays information about the user or system making a change, as follows:

  • System: The change was initiated by the system

  • System on behalf of user: The system made a change due to user action. For example, if a signature breaks because a user changed data after the Principal Investigator signed it, the Username column for the broken signature record displays “System on behalf of [User’s name (username)]”. System on Behalf of Audit Record

  • User’s name and username: The user who made the change, such as opening or answering queries or entering or editing data in a form. User action audit record

Audit Events in End User Audit Trails

The following are the various actions, both system and manual, for which Vault will create an audit trail entry that is visible in the Data Entry and Review tabs. Vault audits all data changes in the Audit Logs (Admin > Logs).

Query-Level

  • Query Opened
  • Query Answered
  • Query Closed

Item-Level

  • Item Creation
  • Item Level Autosave
  • Item Value Change
  • Codelist Item Definition
  • SDV Applied
  • SDV Broken
  • SDV Required
  • DMR Applied
  • DMR Broken
  • DMR Required
  • eSignature Applied
  • eSignature Invalidated
  • eSignature Removed
  • Data Locked
  • Data Unlocked
  • Data Frozen
  • Data Unfrozen
  • Item Intentionally Left Blank
  • Change Reason (migrated Items)
  • Exam Uploaded
  • Exam Deleted

Form-Level

  • Form Creation
  • Form Status
  • Form Submission

Event-Level

  • Event Creation
  • Event Deletion
  • Event Inactivation
  • Event Status
  • Event Date Added
  • Planned Date Added
  • Overdue Date Added

Event Date-Level

  • Event Date Changed
  • SDV Applied
  • SDV Broken
  • DMR Applied
  • DMR Broken
  • eSignature Applied
  • eSignature Invalidated
  • eSignature Removed
  • Event Date Locked
  • Event Date Unlocked
  • Event Date Frozen
  • Event Date Unfrozen

Visit Method-level

  • Visit Method Changed
  • SDV Applied
  • SDV Broken
  • DMR Applied
  • DMR Broken
  • eSignature Applied
  • eSignature Invalidated
  • eSignature Removed
  • Visit Method Locked
  • Visit Method Unlocked
  • Visit Method Frozen
  • Visit Method Unfrozen

Casebook-Level

  • Casebook Creation
  • Casebook Version Updated

Subject-Level

  • Subject Creation
  • Subject Status Updated

Example Event Descriptions

Query Audit Trail Examples

When a query is opened or answered on an item, the audit record includes the query message.

Query Opened

Mary Mustard enters data that triggers a system query:

Query Opened Audit Record

Query Answered

Mary Mustard answers a query:

Query Answered Audit Record

Query Closed

Mary Mustard makes a change that causes a query to autoclose:

Query Closed Audit Record

SDV Audit Trail Examples

SDV Mode Required

The SDV Mode of an object changes to “Required” due to a change to the casebook version:

SDV Mode Required Audit Record

SDV Performed

Mary Mustard performs SDV on an Item:

SDV Performed Audit Record

SDV Broken

Mary Mustard updates item data after SDV has been performed, causing the SDV to break:

SDV Broken Audit Record

Item Data Entry Audit Trail Examples

Value Entered

Mary Mustard enters data in an Item on a Form. Form changes, including changes made prior to submission, are recorded in the audit trail:

Item Data Entry Value Entered Audit Record

Value Changed

Mary Mustard changes the value of an Item:

Item Data Entry Value Changed Audit Record

EDC Tools: Audit Trail Export

Lead data managers and users with permission to run jobs in Vault CDMS can export all audit trails for an entire Study from EDC Tools > Jobs, using the Audit Trail Export job. That export includes audit trails for deleted records, which are not exposed in any of the areas detailed above.

Learn more about the Audit Trail Export job.