Auditing may be logging as the user that executes a request, if we have used a trust relationship for a request to be run as a different user we need to be able to track back to identify how the user for the request was selected.

i.e. If userA runs something as userB and does something bad we must be able to track back that it was userA making the overall request without userB getting the blame.