Title 21 CFR Part 11: Auditing
Auditing implementation details:
Auditing is part of the law required for part 11 compliance here is what the law says itself
e) Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records. Record changes shall not obscure previously recorded information. Such audit trail documentation shall be retained for a period at least as long as that required for the subject electronic records and shall be available for agency review and copying.
This essentially means you need to collect who is performing the action, what they are doing (record the before and after values), the date and time of the activity, a reason for the activity if not specified implemented in the module.
There are several other aspects of auditing required including time synchronization and unique usernames and passwords. Without these two things the audit logs don’t really mean anything it is a holistic thing and this explains why it is so important!
It is really valuable to have auditing across the entire system so that you can confirm roles security and authorization levels as well. Security logging, system access logging, and electronic signature logging are all required and useful for testing of a system as well.