Documentation/Security & Compliance/Audit Logs

Audit Logs

Comprehensive activity tracking and compliance reporting

TuskCPA maintains detailed audit logs of all system activity for security monitoring, compliance, and forensic investigation.

What Are Audit Logs?

Audit logs are immutable records of all user actions, system events, and data access within TuskCPA. They help track who did what, when, and from where - critical for security, compliance, and troubleshooting.

Logged Events

Authentication

  • • Login attempts (success/failure)
  • • Logout events
  • • MFA setup/changes
  • • Password changes
  • • Session creation/termination

Data Access

  • • Client record views
  • • Document access/download
  • • Financial data exports
  • • Report generation
  • • Database queries

Data Modification

  • • Client information updates
  • • Document uploads/deletes
  • • Task assignments
  • • User permission changes
  • • Financial data edits

Administrative

  • • User creation/deactivation
  • • Integration connections
  • • Workflow changes
  • • Billing updates
  • • System configuration

Accessing Audit Logs

For Admins

Administrators can access audit logs via: Settings → Security → Audit Logs

Log Viewer Features

  • • Real-time event streaming
  • • Advanced filtering (user, client, event type, date range)
  • • Search functionality
  • • Export to CSV for analysis
  • • Visual activity charts

Log Retention

Retention Periods

  • Security Events: 5 years (immutable)
  • Data Access: 3 years
  • User Activity: 2 years
  • System Events: 1 year

Logs are stored in encrypted, write-once storage to prevent tampering.

Compliance Uses

SOC 2 Audits

Annual review of access logs demonstrates proper access controls and monitoring procedures required for SOC 2 certification.

HIPAA Compliance

Audit logs document who accessed Protected Health Information (PHI) for healthcare clients. Required for breach notification and compliance investigations.

GDPR Right to Information

EU data subjects can request audit log entries showing who accessed their personal data, when, and for what purpose.

IRS Requirements (Pub 1075)

Tax preparers must maintain audit trails showing access to taxpayer information. Auditable logs demonstrate compliance with IRS security requirements.

Security Monitoring

Security team continuously monitors audit logs for suspicious activity patterns:

  • • Multiple failed login attempts from same IP
  • • Unusual access patterns (off-hours, foreign locations)
  • • Bulk data exports
  • • Permission escalation attempts
  • • Unauthorized integration access

Exporting Audit Logs

Download audit logs for offline analysis, compliance reporting, or forensic investigation.

Export Format

  • Format: CSV (comma-separated values)
  • Fields: Timestamp, User, Action, Resource, IP Address, Status
  • Max Period: 1 year per export
  • Processing: Large exports processed asynchronously, download link emailed

Privacy Considerations

Audit logs themselves are not client data but metadata about data access. However, we take care to:

  • • Hash usernames in logs older than 90 days
  • • Minimize PII in log entries
  • • Restrict log access to admins only
  • • Encrypt exported logs

Need Audit Log Assistance?

Contact our security team for help with compliance audits or log analysis.

Contact Security Team
Back to Documentation