For any legal obligations or compliance reasons, the system might need to keep audit trails of user activities in the system, and record all their data accesses and modifications. SinceĀ audit information is highly sensitive in nature, it might be disclosed only to a few privileged and trusted individuals in the system. Audit trails can be part of a security subsystem or separately logged. You may need to transfer and store audit trails in a specific format, as stated by the regulation or compliance specifications.