User Audit Report - Detailed

The User Audit Report - Detailed report provides complete audit details of user record data, including fields that have changed, their prior value, and their new value for all users in the portal. The maximum number of entries in the report is 100,000. Up to 50 user record fields can be selected for the report.

The User Audit Report - Detailed report is only available for organizations that are using Cornerstone HR or Enhanced-Audit. For more information regarding the Cornerstone HR and Enhanced-Audit products, please contact your Account Manager.

The User Audit Report - Detailed report goes beyond the generally available, standard user record auditing report, called the User Record Audit Report, which shows basic audit information of user records, including what users records have been modified and when they were modified.

To run the User Audit report, go to Reports > Standard Reports. Then, select the System tab and click the User Audit Report - Detailed link.

PERMISSION NAME PERMISSION DESCRIPTION CATEGORY
User Audit Report - Detailed Grants access to the User Audit standard report, which displays detailed changes to user data. Users with this permission must also have permission to view user fields in other areas of the system. The users and fields available in this report are controlled by additional permissions. This permission can be constrained by OU, User's OU, User's Subordinates, User's Direct Subordinates, User's Self, User Self and Subordinates, User, and Employee Relationship. The constraints on this permission limit the users and OUs that are available when running the report. This is an administrator permission. Reports - System
Users - View Grants the ability to search for and view summary information about users in the portal via the Admin/Users screen. This permission can be constrained by OU, User's OU, User Self and Subordinates, and Users. If multiple constraints are added, these constraints are considered OR statements. This is an administrator permission. Core Administration
Users - View Sensitive Information: Masked Grants ability to view masked Sensitive Personally Identifiable Information (SPII) fields on the user record. Administrators with this permission cannot view the actual data. This permission can be constrained by OU, User's OU, User's Self, User's Subordinates, User's Direct Subordinates, User, and Employee Relationship. This is an administrator permission. Core Administration

Administrators must have permission to view or edit a field on the User Record in order to include it in the report output. See User Record Permissions.

Report Criteria

Date Filters

Filter Description
Date Type

Select whether the report is filtered by Date Changed or Date Effective.

  • Date Changed - When this option is selected, then the report only displays user record modifications that were submitted within the selected date parameters.
  • Date Effective - When this option is selected, then the report only displays user record modifications that have an effective date that is within the selected date parameters. This option is only available if User Record Effective Dating is enabled.
Date Parameters Using the filters, select the date range for the report. Depending on the Date Type selection, the report will only include modifications to the user record that are within the selected date parameters. For example, if the Date Type is set to Date Changed, then only modifications that were initiated within the selected date range are included in the report output.

User Filters

Filter Description
User Criteria

Select a user or a group of users. This criterion applies to the users whose records are being modified. This is a required field. You may choose one or more individual users as well as entire OUs or Groups. If permission for this report is constrained, those constraints apply to user criteria selection when running the report.

Note: If no User Criteria is selected, or if "All Users" is selected, then no data will be returned in the report output.

Include Inactive Select this option to include inactive users in the report.

Fields Modified - User Record

This section enables you to select which user record fields are included in the report output. This section is only available if user record auditing is enabled.

The User Record section is comprised of multiple subsections that contain fields that may appear on the User Record. All subsections are displayed in the order in which they appear on the user record, and they are collapsed by default. To expand the subsection to view the section's fields, click the down arrow icon to the right of the subsection heading. Up to 50 user record fields can be selected for the report.

Security Note: In order for audits of user record fields to be included in the output of the report, the target user must be within the constraints of the Users - View permission and the User Audit Report - Detailed permission. In addition, you must have permission to view or edit the corresponding field on the User Record. See User Record Permissions.

The following subsections appears in the Fields Modified - User Record section:

  • Contact information
  • Sensitive Information - This subsection enables organizations to report on when Sensitive Personally Identifiable Information (SPII) fields are modified on a user record. This section is only available when Encrypted Sensitive Information is enabled. This section is only available to administrators who have the Users - View Sensitive Information: Masked permission, and administrators can only access data for users who are within their constraints on this permission.
    • When sensitive information fields are included in the report output, the report output displays when each SPII field is modified and by whom. However, the Changed From and Changed To values are always hidden and cannot be revealed to the administrator within this report.
    • Because the actual values of the SPII fields are not displayed in the report output, the system does not audit the access of this report.
  • General Information
  • Organizational Structure
  • Settings
  • User Status Information
  • User Record Custom Field Categories - These categories can be configured in User Record Custom Fields. Only active categories are displayed, and they are displayed in the order in which they are ordered within Custom Field Administration.

Fields Modified - Compensation

This section enables you to select which compensation fields are included in the report output. This section is only available if compensation auditing is enabled.

The Fields Modified - Compensation section is comprised of multiple subsections that contain different types of compensation fields. All subsections are displayed in alphabetical order, and they are collapsed by default. To expand the subsection to view the section's fields, click the down arrow icon to the right of the subsection heading. Up to 50 total fields can be selected for the report. This includes fields in the User Record and Compensation sections.

Security Note: In order for audits of compensation fields to be included in the output of the report, the target user must be within the constraints of the applicable permissions. For Base Compensation fields, these are the Employee Salary Management - View and User Audit Report - Detailed permissions. For Individual Targets fields, these are the Compensation Individual Targets - View and User Audit Report - Detailed permissions.

The following subsections appears in the Fields Modified - Compensation section:

  • Base Compensation
  • Individual Targets - This section includes standard and custom individual targets.

Report Structure

Filter Description
Sort report by

Select the order in which the report data should be sorted. The following options are available:

  • Date Changed - This option is selected by default.
  • Date Effective - This option is only available if User Record Effective Dating is enabled.
  • User Last Name
  • User ID
  • Reason for Change - This option is only available if the Reason for Change functionality is enabled.

Process Report

Criteria Description
Report Title Enter a title for the report, up to 50 characters. The title is displayed on the report and is also displayed in the list of Processed Reports on this page.

This is an asynchronous report, which allows the administrator to define the standard report and generate the report asynchronously. As a result, when administrators process the report, the system generates the report in the background, while the administrator can move on to other areas of the system. When the report is finished processing, the administrator can then view the full report in its entirety.

  • Up to 10 separate reports can generate asynchronously, allowing greater flexibility for creating and storing different versions of the report.
  • If you process a report or refresh a stored report, the report appears in the table as Queued.
  • The most recently created report displays at the top of the table.
  • Since the user can generate up to ten reports, the administrator can define a report title for each of the generated reports.
  • Clicking the View Details icon changes the report settings on the page to match those of the selected previously run report.

When the Process Report link is clicked, the report is run based on the selected criteria. The report output is stored in the Processed Reports table.

The administrator can choose the following actions and options for each report in the Processed Report table:

  • Click the Excel icon to export the report to Excel.
  • Click the Refresh icon to refresh the report results.
  • Click the View Details icon to view the filter criteria for the report.
  • Click the Delete icon to delete the report.

Report Output