Appearance
Audit Trail
Audit readiness depends on traceability: who did what, when, why, and with which evidence. In Modulos, traceability is built from two complementary surfaces:
- Notifications help people execute and coordinate work.
- Comments and logs provide the durable audit trail on each object.
What this is
This page explains how to use the audit trail in practice:
- where to find it
- who can see what
- how it supports reviews, approvals, and audits
Where in Modulos
Most audit trail information is viewable by regular members with access to the relevant project. Administration actions are managed by organization and project admins.
Notificationsfor your personal inbox of assignments and workflow eventsProject objects → Comments and Logsfor a durable history on items like requirements, controls, evidence, assets, and risks
Who can do what
Permissions
- Organization Members can view notifications and object logs for projects they have access to.
- Reviewers receive notifications for review requests and record decisions in the object’s history.
- Auditors use read-only access plus logs to verify traceability.
- Organization Admins and Project Owners manage access so the right people can see the right trail.
How it works
Notifications
Notifications are user-specific. They’re created for events such as:
- review requests and approvals
- assignments and ownership changes
- status changes on key objects
Notifications help you find what needs attention. They are not the audit trail itself.
- 1Filter and searchUse All or Unread and search to find what needs attention.
- 2Unread countShows how many notifications still need review.
- 3Notification itemsEach item links back to a specific object or event.
- 4Quick actionsMark as read or clear items after you’ve handled them.
Comments and logs
Most governance and risk objects include a Comments and Logs view that records:
- timestamped events and actions
- the actor who performed them
- comments and context that explain why a change was made
This is the primary audit trail auditors rely on.
- 1Comments and Logs tabThe durable history view for the object you are reviewing.
- 2Timeline entriesRecords status changes, assignments, and other events with timestamps.
- 3Add contextUse comments to document reasoning and decisions for audit readiness.
- 4Current stateStatus and ownership provide the “as-is” context for the trail.
How they connect
A single event can create both:
- a log entry on the affected object
- a notification for the relevant assignee or reviewer
Notifications can be cleared, but logs remain as the durable record.
From action to audit trail
Action
Update controlAttach evidenceRequest review
Log entry
Logs are durableNotification
Notifications are personalReview decision
ApprovedRejected
Audit-ready traceability
whowhatwhenwhyevidence
Modulos turns day-to-day work into durable traceability through object logs and review decisions, while notifications keep execution moving.
How to use it
1
Work from your inbox
Use notifications as your queue for review requests and assignments
2
Open the object
Navigate from the notification to the control, requirement, or risk
3
Add context
Use comments to document reasoning and decisions
4
Review and decide
Approve or reject changes when you are the reviewer
5
Trace history
Use logs to validate what changed, who changed it, and when
Important considerations
- Notifications are personal and can be dismissed. Logs are the durable audit trail.
- You only see logs for objects you have access to. If you can’t see a trail, check project access.
- For audit readiness, encourage teams to capture rationale in comments when making significant changes.