Forum Discussion

rando230's avatar
rando230
Copper Contributor
May 28, 2024

Best Practices for Tracking Changes on a SharePoint List Accessed by a Service Account

Hello Microsoft Community,

 

I am reaching out to seek advice and best practices for monitoring and tracking changes on a SharePoint list that is accessed via a service account. In our organization, multiple individuals have access to this service account, which raises concerns about maintaining accountability and transparency regarding the modifications made to the list.

 

The SharePoint list in question contains various columns, including calculated columns, which are crucial for our operations. However, these calculated columns present a challenge as they do not inherently track who made changes or when these changes were made. This lack of traceability is problematic, especially when trying to audit or review historical data.

 

I am looking for a method or tool that can help us keep a detailed log of all activities on the list. Ideally, this solution would capture:

  1. Timestamps of when changes are made.
  2. Identification of the specific elements that were altered (from metadata to formulas).
  3. The nature of the changes (what columns was added, removed, or modified).

We want to ensure that our SharePoint list remains a reliable and accurate source of information for all team members. Therefore, having a system that can provide a comprehensive audit trail would be extremely beneficial.

 

I would greatly appreciate any recommendations on features within SharePoint, Power Automate, or custom solutions that could assist us in achieving this level of oversight. Additionally, if there are any best practices for managing shared service account access to SharePoint lists, I would be eager to learn about those as well.

 

Thank you in advance for your time and assistance.

  • rando230 

     

    Almost all the information you need can be tracked using versioning in SharePoint. Check:

    1. Versioning in SharePoint 
    2. View the version history of an item or file in a list or library 

    But if everyone logins using the single service account and making changes to SharePoint list items, you will not be able track "who" made the changes.

     

    Ideally, you should share the SharePoint list with individual users or "group" (SharePoint group or Azure AD group) of users directly instead of sharing service account with everyone.


    Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily. It also closes the item. If the post was useful in other ways, please consider giving it Like.

    • rando230's avatar
      rando230
      Copper Contributor

      ganeshsanap 

      Hello again,

       

      Thank you for your prompt response and for suggesting the use of versioning in SharePoint. I have reviewed the versioning settings and understand how it can track the history of individual list items. However, upon further inspection, it appears that versioning in our SharePoint list is limited to list items and does not provide a history of changes made to the list structure itself, such as modifications to calculated column formulas.

       

      This is a significant concern for us because if someone alters the formula in a calculated column, there is no audit trail to indicate who made the change or when it occurred. The lack of this information can lead to confusion and potential data integrity issues, especially since multiple individuals access the list through a shared service account.

       

      Could you please advise on any alternative methods or tools that would allow us to track changes to the list structure, particularly the formulas in calculated columns? We are looking for a solution that can provide a clear audit trail for such changes, which is crucial for maintaining accountability and transparency within our team.

       

      Additionally, I understand the recommendation to share the SharePoint list with individual users or groups directly. However, due to specific operational requirements, we currently need to maintain access through a shared service account. Given this constraint, are there any best practices or workarounds that can help us monitor who is making changes when logged in through the service account?

       

      I appreciate your assistance and look forward to any further insights you may have on this matter.

      • cseb96's avatar
        cseb96
        Copper Contributor
        Hey mate, after the same thing. Were you able to get an answer for this?

Resources