With Ruby on Rails one can use https://github.com/paper-trail-gem/paper_trail which will keep a record of every database change. Similarly one could record every database query on the database server.
Looking at clicks sounds like recording the screen of the user. Too many privacy issues IMHO even for an internal tool.
For actions that involve finance, it might be better to have a peer approval. This slows the process but manages risk better than an individual sign off.
My approach has always been to just ask the person who made the mistake to replicate it on the test system. That's generally (but not always) clarified what the issue is.
With Ruby on Rails one can use https://github.com/paper-trail-gem/paper_trail which will keep a record of every database change. Similarly one could record every database query on the database server.
Looking at clicks sounds like recording the screen of the user. Too many privacy issues IMHO even for an internal tool.
For actions that involve finance, it might be better to have a peer approval. This slows the process but manages risk better than an individual sign off.
My approach has always been to just ask the person who made the mistake to replicate it on the test system. That's generally (but not always) clarified what the issue is.
Most tools have audit logs. Currently, we put the logs to LLMs and understand. It is not perfect, but at least it gives a direction to us right now.