Automated mechanisms exist to generate event logs whenever sensitive/regulated data is collected, created, updated, deleted and/or archived.

Does the organization use automated mechanisms to generate event logs whenever sensitive/regulated data is collected, created, updated, deleted and/or archived?