Recently I was working with a customer who has MOSS 2007 and as we are making improvements to this environment I realized that they had disabled the WorkFlow Cleanup Timer Job I then discovered that they had done this becuase somebody had told them to do this so that Site Collection owners could have audit logs using those lists...sigh
This SHOULD NOT BE DONE, the lists are not secured properly to be used as Audit logs, SharePoint does audit functionality built in and that is what you should use. Here is the meat of the e-mail I sent to my customer to help them decide how to proceed.
First as I have mentioned in the past Workflow history lists were never intended to be used for auditing, and do not meet security requirements as regular users could gain access and edit entries. Along the same lines writing to a list would be unacceptable for the same reason. Please see this article for a note about Workflow History lists http://technet.microsoft.com/en-us/library/ee662522(v=office.14).aspx .
This leaves us with two choices the OOB audit functionality that is built into SharePoint or a 3 rd party tool, since this seems to be the only site that requires auditing (Please correct me if I’m wrong) I would recommend the OOB functionality as being the more cost effective choice. Here is some relevant information about the audit functionality.
Auditing and reporting is done at the Site Collection level
OOB there is limited setting that can be modified for Auditing, but it is customizable
There is an auditflag for WorkFlows which means we could gather information and then create a custom report to view that data. We could implement this following advice in this article http://msdn.microsoft.com/en-us/magazine/cc794261.aspx NOTE: The exe in this article is not supported by Microsoft.