What is required for audit trail entries for all system components events?

• A. Complete interviews and observation of audit logs for each auditable event.
• B. Automated log generation only.
• C. Logs stored offsite only.
• D. No human verification.

Answer: (A)

Auditable events must be verifiable and traceable across all system components. Logs alone aren’t enough if you can’t confirm they reflect real actions. A trustworthy audit trail combines automated generation of log entries with independent verification to ensure completeness and accuracy. By conducting complete interviews with responsible personnel and observing the log review process, you establish that each auditable event is captured correctly and that the logs match what actually occurred. This verification step is essential to ensure the audit trails are reliable for reconstruction and investigation.

The other options miss this verification element or focus only on one aspect (generation or storage) without confirming that the recorded events truly reflect reality.