security Shipped
Full Entity-Level Audit Log
Every creation, update, state change, and assignment across every WorkItem type produces a DomainEntityActivity record — timestamp, actor, field-level before/after values.
Key benefits
- · Every entity touch logged — timestamp, actor, changed fields
- · Field-level before/after values preserved
- · Per-entity "Recent Activity" dashboard widgets
- · Activity records optionally assignable to staff for follow-up
- · Queryable by auditors, not buried in system logs
What gets logged
Everything that changes domain state:
- Entity creation (who created the claim, when)
- Every field change (old value → new value, by whom, when)
- State transitions (what state → what state)
- Assignment changes (who was assigned, by whom)
- Document uploads and attachments
- Permission-relevant actions
Not just syslog
DomainEntityActivity is a structured, queryable entity — not a free-form log line. Auditors filter by user, entity, date range, or action type. Activity records can be assigned to staff for follow-up investigation when an anomaly is surfaced.
Dashboard integration
Per-WorkItem-type “Recent Activity” widgets on the VBO dashboard surface recent actor-level touches. A program director sees at a glance: “who edited claim VC-2025-0142 yesterday?”
Complementary logs
VCPMS also maintains:
- Field-level data-change history — victim, claimant, contact, crime data independently versioned.
- Workflow trigger action log — automated system actions (notifications sent, documents generated) tracked separately from human actions.
- Individual-section update tracking — reason capture on claimant/victim/crime section edits.