🏠 Overview 👥 User Roles 📖 Review Sync Audit Log for Compliance and Troublesh...

Review Sync Audit Log for Compliance and Troubleshooting

The sync log repository records every outbound sync attempt with a full audit trail: the record type (reimbursement or honorarium), the target accounting system, the payload hash, the HTTP response status from the accounting API, any error message returned, and whether the attempt succeeded or failed. The integration status screen exposes this log with filtering by date range, record type, and status (success/failure/retrying). Organization administrators access only their organization's log. Global administrators can filter across organizations. The log is read-only and cannot be modified or deleted through the UI, ensuring auditability for Bufdir compliance purposes.

HIGH story-accounting-system-integration-global-admin-004 2 pts
2
Story Points
High
Priority
Accounting System Integration
Feature

User Story

As a user
I want to view a detailed audit log of all outbound sync attempts, including record payloads, timestamps, statuses, and any error messages returned by the accounting system
So that So that I can verify compliance with financial audit requirements, diagnose specific sync failures, and provide evidence of data flows to finance teams or external auditors

Acceptance Criteria

  • Given an administrator on the integration status screen, when they navigate to the audit log section, then they see a paginated list of sync attempts sorted by timestamp descending
  • Given the audit log is displayed, when the administrator filters by date range, then only records within that range are shown
  • Given the audit log is displayed, when the administrator filters by status 'failed', then only failed sync attempts are shown with their error messages
  • Given a specific log entry is selected, when the detail view opens, then it shows the record type, accounting system, payload hash, response code, error message (if any), and retry count
  • Given an organization administrator, when they access the audit log, then they see only records belonging to their organization
  • Given a global administrator, when they access the audit log, then they can filter by organization to drill into a specific organization's records
  • Given any sync log entry, when viewed, then the initiating trigger (auto post-approval or manual) is identified along with the responsible user or system event

Business Value

Bufdir compliance and financial audit requirements mandate traceable records of all data flows between the app and accounting systems. A detailed, tamper-evident audit log allows finance teams to verify that every approved reimbursement was posted correctly, and gives administrators the diagnostic detail needed to resolve disputes or discrepancies without escalating to technical support.

Components

Accounting System Integration
Related Feature
Global Administrator
User Role