We audit all user editable data. I use a trigger to simply add a complete copy of the record being inserted/updated/deleted to a duplicate (non-indexed), table. I have extra columns in each audit table to track date and user information. Pretty basic but it is surprising how often the audit tables are queried to determine who did what when. Fortunately we don't have to track who accesses/views the data just the changes. We keep the data for 12 months and a nightly job cleans out old audit data. The benefit for me is the speed and simplicity, I get complete detail with little effort, the downside is the space and when you have to analyse it, that is a manual process as you have to compare each column row by row to see what was actually changed, but so far that hasn't been to arduous.