diff --git a/owasp-top10-2021-apps/a1/camplake-api/app/handlers/handlers.go b/owasp-top10-2021-apps/a1/camplake-api/app/handlers/handlers.go
index 846d7588b..e7ed0277d 100644
--- a/owasp-top10-2021-apps/a1/camplake-api/app/handlers/handlers.go
+++ b/owasp-top10-2021-apps/a1/camplake-api/app/handlers/handlers.go
@@ -3,6 +3,8 @@ package handlers
 import (
 "fmt"
 "net/http"
+ "os"
+ "time"
 "camp-lake-api/crypto"
 "camp-lake-api/db"
@@ -66,6 +68,25 @@ func NewUser(c echo.Context) error {
 return c.JSON(http.StatusBadRequest, map[string]string{"result": "error", "details": errorString})
 }
+ // Audit log for NewUser registration
+ f, err := os.OpenFile("audit.log", os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+ if err != nil {
+ log.WithFields(
+ log.Fields{
+ "method": "NewUserAuditLogOpen",
+ "error": err,
+ }).Error("failed to open audit log")
+ } else {
+ defer f.Close()
+ entry := fmt.Sprintf("%s: NewUser registration successful for userID=%s, username=%s\n", time.Now().UTC().Format(time.RFC3339), userData.UserID, userData.Username)
+ if _, err := f.WriteString(entry); err != nil {
+ log.WithFields(
+ log.Fields{
+ "method": "NewUserAuditLogWrite",
+ "error": err,
+ }).Error("failed to write audit log")
+ }
+ }
 return c.String(http.StatusCreated, "Register: success!\n")
 }
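Review bot: The audit entry added in the second hunk formats `userData.Username` with `%s`, so if a username can reach this point containing CR/LF or other control characters (its validation is not visible in the hunk), one registration can break the one-entry-per-line format and leave the audit trail ambiguous. Quoting the request-derived fields keeps each record on a single line: `entry := fmt.Sprintf("%s: NewUser registration successful for userID=%q, username=%q\n", time.Now().UTC().Format(time.RFC3339), userData.UserID, userData.Username)`. The `os.OpenFile` call also creates the file world-readable at a path relative to the working directory; `0600` (or `0640` with a dedicated group) suits a log that records user identifiers. NewUser begins before the hunk, so how `userData` is populated and validated should be confirmed there.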