For the early stages, When myself or a peer goes in to the system to suspend a user, or adding a user, etc, having a direct audit trail would be good. As an example I might see that administrator X added Joe Schmoe's account in the A, B, C groups at time Y on date Z. If anyone comes by to ask me to give a history of Dr Schmoe's account, I can grep through logs and find it sort of thing (audits here can be quite specific sometimes).
Keep simple to start, build more later
Audit
Metadata Update from @cdsgalaxy: - Issue assigned to someone - Issue set to the milestone: Future Releases
Login to comment on this ticket.