First of all this is avery good question and quite a complxed one too.
From my experience to date there should be no requirement to test every table that can be modified throughout the application. For example let’s say we are dealing with an application like LIMS or SAP with 100’s of different tables in the schema all in a relational design. Is it possible to test for modify-delete-update-audit trail for each table, the answer is yes.
Is this realistic, no. If you were to test every single table then the protocol would be enourmous, you would have to get alot of input from the developers of the system which again is not practical from a validation perspective.
So how do you validate such a system, in my opinion a team would be assembled that know how the system works, super users. All of the various processes should be mapped and the the most critical ones should be tested in this way. Say for example there is a sign-off after a critical piece of quality data has been entered then the tables associated with this should be tested for Audit Trails etc.
The point I am trying to make is that the system must be analysed by people that know the system in order to come to a proposal as to how the system should be validated.
This can be detailed in the risk asssessment or possibly the OQ detailing the rational as to why this approach was taken.
As long as the approach is documented then a reasonable Auditor should have no issue with it.