The Audit Trail answers "what happened?" chronologically. User Activity answers "who's doing it?" — by rolling the same log up into a per-user accountability view.
Each row is a user. Each column is a category of action — Controls, Tasks, Risks, Assets, Documents, Incidents — plus a catch-all bucket for everything else. The cells are counts of state-changing actions taken by that user in the selected window. There's a total, a last-active timestamp, and the option to scope to a single instance or date range.
- Engagement at a glance. See immediately who's actively maintaining the ISMS and who hasn't touched it in weeks. The "last active" column reads like a heartbeat.
- Category-weighted view. A user with 200 task actions and 2 control actions is doing different work from a user with the reverse — the breakdown shows it without exporting to a spreadsheet.
- Instance scoping. In multi-instance and federated deployments, filter to the instance you care about. Headquarters can see per-subsidiary contribution; subsidiary admins see just their own.
- Date range. Last week, last quarter, since the last audit — pick a window and the view rebuilds against the same underlying log.
Listed in the catalogue so the feature is discoverable, but never billed separately — every Cybsis instance carries it. Pair it with Audit Trail for the chronological view of the same data: one tells you what was done, the other tells you by whom.