The recording of details of an end-to-end enterprise-wide process, for audit purposes. It should have the ability to give a single picture of the actions of any identity over time. The file should be encrypted, and digitally signed to detect tampering. It may include capture of web-based actions, authentication, accesses and database activity related to an application or a session. It may also include real-time alerts, as well as after-the-event reports.