The security log should include audits for changes to all elements including creation, modification and deletion of items such as queries, reports, suppliers, evidence, systems, incidents, etc as these can all have regulatory impact and it is important we know who changed what and when (think malicious insider or over zealous employee).