Whether you’re in manufacturing, finance, or distribution, auditability is key. From compliance with internal policies to industry regulations, knowing who changed what, when, and why can be critical.
The good news is, you don’t need complex custom code or external tools to build an effective audit trail. Epicor BPMs (Business Process Management tools) offer a no-code way to track changes inside your ERP system.
In this guide, the Epicor experts at Epicforce Tech show you how to implement reliable audit logging using BPMs. This saves time, boosts transparency, and keeps your systems traceable.
What Is an Audit Trail in Epicor?
An audit trail is a systematic record of changes made to data in the system. These records usually include:
- The field or table that was updated
- The old value and the new value
- The user who made the change
- The timestamp
- (Optionally) a reason or contextual info
Epicor ERP doesn’t provide built-in audit logging for all tables or transactions, but with BPMs, you can configure your own logging for any critical updates.
Why Use BPMs Instead of Custom Code?
Using Epicor BPMs to create audit trails has several advantages:
| Feature | BPM Approach | Custom Code |
|---|---|---|
| No Coding Required | Yes | No |
| Upgrade-Safe | Yes | No |
| Easy to Maintain | Yes | No |
| Real-Time Logging | Yes | Yes |
| Accessible to Functional Users | Yes | No |
Epicforce Tech recommends BPMs whenever possible to avoid versioning issues and maintain low technical debt across ERP upgrades.
Use Cases: Where to Apply BPM-Based Audit Trails
Audit trails are particularly helpful in modules where sensitive or business-critical data is modified:
- Finance: changes to GL accounts, journal entries, or supplier bank details
- Inventory: updates to quantities, bin allocations, or part master
- Sales and Purchasing: changes to prices, discounts, or terms
- HR or Payroll (if used): edits to salary fields or employee details
- Security: user role changes, disabled accounts, and similar actions
Let’s walk through how to build an audit trail for a common scenario.
Step-by-Step: Creating an Audit Trail Using Epicor BPMs
Step 1: Identify the Business Object and Field to Track
Start by determining:
- Which table you want to monitor (for example, Part)
- Which field(s) should trigger logging (for example, Part.Description)
This helps you narrow the focus and avoid excessive logging.
Step 2: Create a New Data Directive BPM
To track changes to a table, use a Data Directive BPM:
- Go to System Management > Business Process Management > Data Directives
- Choose In-Transaction Directive
- Select the table you want to monitor (for example, Part)
- Create a new directive and give it a clear name (for example, Audit_PartDescriptionChange)
Step 3: Add Conditions to Detect Changes
Use the “Condition” widget to compare the old and new field values:
If ttPart.Description has changed from original("Description")
This ensures your BPM only runs when the field you’re auditing is actually modified.
Step 4: Use a Custom Table or UD Table for Logging
Epicor allows the creation of User Defined (UD) Tables. Epicforce Tech recommends a structure like this:
| Field | Type |
|---|---|
| AuditID | Unique Identifier |
| TableName | NVARCHAR |
| FieldName | NVARCHAR |
| OldValue | NVARCHAR |
| NewValue | NVARCHAR |
| ChangedBy | NVARCHAR |
| ChangedOn | DateTime |
| RowID | NVARCHAR |
Insert a row into this table every time a change is detected. Use the Set Argument or Execute Custom Code actions to pass values into the write action.
Step 5: Write to the Audit Table
Use the “Invoke BO Method” or “Execute Custom Code” action to create a new record in your audit table:
- Set ChangedBy = CallContextClient.CurrentUserID
- Set ChangedOn = Today()
- Set OldValue = original(“Description”)
- Set NewValue = ttPart.Description
This captures the full context of the change.
Step 6: Test Thoroughly
Validate that:
- Your audit records are created correctly
- They include the right fields
- They do not duplicate on updates with no change
This step is crucial to ensure logging doesn’t introduce noise or performance issues.
Tips to Keep BPM-Based Audit Trails Efficient
1. Limit Scope
Only audit what is necessary. Over-auditing can affect performance and flood the database.
2. Create a Logging Strategy
Plan what modules and fields truly need tracking. Document it in your internal policies.
3. Add a Retention Policy
Use a separate BPM to purge logs older than 6 or 12 months, or archive them for audit purposes.
4. Centralize the Table
Use one shared audit table for all BPMs. Add a TableName field to distinguish records by module.
5. Secure the Table
Limit write access to your UD audit table to prevent tampering.
Common Pitfalls (and How to Avoid Them)
| Pitfall | Solution |
|---|---|
| Logging all changes to a large table | Scope to specific fields only |
| Creating BPMs that run on every row | Use if modified conditions |
| Failing to timestamp logs | Always include ChangedOn field |
| Users bypassing audit logic | Enforce via BPM and not just UI logic |
Epicforce Tech emphasizes setting clear BPM execution conditions to avoid negative impacts on performance or stability.
Real-World Example: Auditing Price Changes in Sales Orders
Let’s say you want to track manual price changes on sales order lines. Here’s how you’d approach it:
- Target table: OrderDtl
- Field: UnitPrice
- BPM type: Data Directive – In-Transaction
- Trigger: When UnitPrice is not equal to original(“UnitPrice”)
- Log: OrderNum, LineNum, OldPrice, NewPrice, ChangedBy, ChangedOn
This can be extended with an email alert to a manager if price drops below a certain threshold, all without writing custom code.
Reporting on BPM-Based Audit Trails
Once you have your audit trail table populated, build a simple BAQ (Business Activity Query) to expose this data to:
- A dashboard for internal auditing
- SSRS reports for external compliance
- Tracker views filtered by user or table
With Epicforce Tech’s approach, teams often export filtered logs to Excel or connect them to Power BI dashboards for visual insights.
Conclusion: Audit-Proof Without Custom Code
By using Epicor BPMs to implement audit trails, you:
- Reduce the need for technical development
- Maintain a clean, upgrade-safe ERP
- Improve data integrity across departments
Whether you’re meeting compliance standards or just keeping an internal record, Epicor BPMs offer a flexible and maintainable approach to tracking critical changes.
At Epicforce Tech, we specialize in designing BPM strategies that balance transparency, performance, and control. If you’re looking to streamline audit processes across your Epicor ERP system without relying on custom scripts, we’re here to help.
Read More:
How to Create Real-Time Alerts in Epicor Using BPMs
Tips to Train End Users on the Impact of Epicor BPMS Workflows
Top 10 Use Cases Where Epicor BPMs Improve Efficiency
Top Tips to Automate Epicor Workflows Using BPM Directives
How to Use Epicor BPMs to Enforce Data Integrity Across Modules
