← Back to Docs

Audit Trail

Every action logged. Every change tracked. Designed to support compliance with 21 CFR Part 11 and EU Annex 11 requirements for electronic records.

How it works

ArvoDocs maintains an immutable audit log for every record in the system — documents, quality events, suppliers, users, and settings. Every create, update, approve, reject, and delete action is captured automatically.

Audit log entries cannot be edited or deleted — not even by administrators. This is by design. An audit trail is only useful if it's trustworthy.

What's captured

Each audit log entry includes:

  • Who — the authenticated user who performed the action
  • What — the specific action taken (created, updated field X, approved, etc.)
  • When — server-side timestamp (UTC) of the action
  • Where — the record type and identifier affected
  • Why — reason for change (when required by workflow configuration)
  • Previous value — the old value before the change
  • New value — the value after the change

Electronic signatures

ArvoDocs supports electronic signatures for document approvals and quality event closures. When a user signs a record, the system captures:

• The signer's full name and user ID

• The meaning of the signature (e.g., "Approved," "Reviewed," "Authored")

• Date and time of the signature

• Re-authentication at the time of signing (password confirmation)

Electronic signatures are bound to their respective records and cannot be reused, copied, or transferred.

21 CFR Part 11 alignment

ArvoDocs is designed to support compliance with FDA 21 CFR Part 11 requirements for electronic records and electronic signatures. Key capabilities include:

  • Unique user identification and authentication
  • Role-based access controls
  • Immutable, computer-generated audit trails
  • Electronic signatures with re-authentication
  • Signature manifestations linked to signed records
  • System access controls and session management
  • Automatic session timeout (configurable by admin)

A note on Part 11 compliance

ArvoDocs provides the technical controls to support your Part 11 compliance program, but compliance also requires procedural controls on your side — SOPs for system use, user training, and organizational policies. We recommend consulting with a regulatory professional to ensure your overall compliance approach is sound.

Searching & exporting

Filter the audit trail by user, record, action type, or date range. Export filtered results as a PDF or CSV for regulatory submissions, internal audits, or management review.

Related