[a] [c]hronological record of system activities to enable the reconstruction and examination of the sequence of events and/or changes in an event. For example, an audit trail might be a record of all actions taken on a particularly sensitive file or a record of all users who viewed that file.
"Audit trails may be used as either a support for regular system operations, or as a kind of insurance policy, or as both of these. As insurance, audit trails are maintained but are not used unless needed, such as after a system outage. As a support for operations, audit trails are used to help system administrators ensure that the system or resources have not been harmed by hackers, insiders, or technical problems."