In
`@android/app/src/main/java/io/mosip/registration_client/api_services/MasterDataSyncApi.java`:
- Around line 243-244: The audit call for SYNC_DEVICE_DETAILS in
MasterDataSyncApi.syncMasterData() is misleading because this method does not
sync device details; remove the
auditManagerService.audit(AuditEvent.SYNC_DEVICE_DETAILS,
Components.REGISTRATION) invocation or wrap it in a conditional that only runs
when device details are actually synced (e.g., after a device-sync code path or
when a DeviceDetails result/flag is present). Update only the audit call
(located next to auditManagerService.audit(AuditEvent.SYNC_MASTER_DATA,
Components.REGISTRATION)) so the logged events accurately reflect the work done
and remain consistent with the masterSyncJob path.

In
`@android/app/src/main/java/io/mosip/registration_client/api_services/PacketAuthenticationApi.java`:
- Line 119: The audit events PACKET_SYNCED_TO_SERVER and PACKET_UPLOADED are
being recorded with Components.REGISTRATION in PacketAuthenticationApi (via
auditManagerService.audit(...)), but BatchJob.java emits the same events with
Components.REG_PACKET_LIST; make them consistent by updating the
auditManagerService.audit calls in PacketAuthenticationApi for
AuditEvent.PACKET_SYNCED_TO_SERVER and AuditEvent.PACKET_UPLOADED to use
Components.REG_PACKET_LIST (so both PacketAuthenticationApi and BatchJob.java
attribute the same component).
- Line 219: Update the misspelled audit enum and its usages: rename the
AuditEvent constant PACKET_RETRIVE to PACKET_RETRIEVE in the AuditEvent enum
(and correct its enum description text from "retrived" to "retrieved"), then
update all references such as the call
auditManagerService.audit(AuditEvent.PACKET_RETRIVE, Components.REGISTRATION) in
PacketAuthenticationApi to use AuditEvent.PACKET_RETRIEVE so compilation and
logs reflect the correct spelling.

In
`@android/app/src/main/java/io/mosip/registration_client/api_services/UserDetailsApi.java`:
- Line 72: The audit event AuditEvent.VALIDATE_USER_CRED is emitted in
validateUser immediately after calling isValidUserId even though no credential
validation occurs; update the audit to accurately reflect the action by either
replacing AuditEvent.VALIDATE_USER_CRED with a more appropriate event like
AuditEvent.VALIDATE_USER_ID (or ADD/CREATE a new enum constant) inside the
validateUser flow, or move the auditManagerService.audit(...) call to the point
where credentials are actually checked—identify and modify the
auditManagerService.audit(...) invocation and the AuditEvent enum to keep event
names consistent with the actual operation.

In
`@android/clientmanager/src/main/java/io/mosip/registration/clientmanager/constant/AuditEvent.java`:
- Around line 175-179: The AuditEvent enum contains duplicate audit codes:
PACKET_CREATION_SUCCESS, PACKET_ENCRYPTED, PACKET_UPLOADED,
PACKET_SYNCED_TO_SERVER (using REG-EVT-066..069) and REG_BIO_LEFT_SLAP_SCAN /
REG_BIO_SCAN share REG-EVT-030; update these enum constants to use unique,
non-colliding codes (e.g., choose the next unused REG-EVT numbers) in
AuditEvent, confirm no other constants (like APPR_* or NEXT_BUTTON_CLICKED) use
those codes, and adjust any downstream consumers/tests/configs that reference
the old values so analytics and correlation remain correct. Ensure you search
the repo for the old codes before changing and keep the enum names unchanged to
avoid API breaks.

In
`@android/clientmanager/src/main/java/io/mosip/registration/clientmanager/service/PacketServiceImpl.java`:
- Line 428: The audit call
auditManagerService.audit(AuditEvent.SYNC_PKT_COUNT_VALIDATE,
Components.REGISTRATION) is invoked before the packet count validation and is
executed inside the same try that can short-circuit validation; move this audit
invocation to after the actual validation logic (so it only logs when validation
ran) and wrap the audit call in its own small try-catch that logs audit failures
but does not rethrow, ensuring packet count validation in the PacketServiceImpl
method always runs even if audit() fails.

In
`@android/clientmanager/src/main/java/io/mosip/registration/clientmanager/service/PreCheckValidatorServiceImpl.java`:
- Line 84: The call to auditManagerService.audit(...) in
PreCheckValidatorServiceImpl may throw and is currently allowed to bubble up and
be re-wrapped as a ClientCheckedException which can incorrectly block
registration; modify the code around the audit call
(auditManagerService.audit(AuditEvent.SYNC_INFO_VALIDATE,
Components.JOB_SERVICE)) to execute it inside its own try-catch, catch and log
any exception (or use auditManagerService-specific error handling) but do not
rethrow or translate it into OPT_TO_REG_TIME_SYNC_EXCEED — treat it as
fire-and-forget so the rest of the validation flow continues even if audit
fails.

In
`@android/clientmanager/src/main/java/io/mosip/registration/clientmanager/service/RegistrationServiceImpl.java`:
- Around line 308-313: In RegistrationServiceImpl adjust the flow so
auditManagerService.audit(AuditEvent.PACKET_ENCRYPTED, ...) and
AuditEvent.PACKET_INTERNAL_ZIP are only invoked after persistPacket returns a
non-null result: move or wrap those audit calls to occur after the persistPacket
null-check (i.e., after verifying the returned packet != null). Also fix the
containerPath null-check by changing the condition from "containerPath != null
|| !containerPath.trim().isEmpty()" to use logical AND ("containerPath != null
&& !containerPath.trim().isEmpty()") so it doesn't NPE when containerPath is
null.

In
`@android/app/src/main/java/io/mosip/registration_client/api_services/MasterDataSyncApi.java`:
- Line 438: The unguarded call to
auditManagerService.audit(AuditEvent.SYNCJOB_INFO_FETCH, Components.JOB_SERVICE)
inside getActiveSyncJobs can throw and block returning results; wrap that audit
invocation in its own try-catch so any exceptions are swallowed or logged (do
not rethrow) to preserve the method's normal return path. Specifically, locate
the audit call in getActiveSyncJobs, surround auditManagerService.audit(...)
with try { ... } catch (Exception e) { /* log audit failure via logger or
auditManagerService.log/error but do not throw */ }, and ensure the catch only
records the failure without impacting the method's result.

In
`@android/clientmanager/src/main/java/io/mosip/registration/clientmanager/constant/AuditEvent.java`:
- Around line 176-179: Fix the typos in the audit event description strings for
PACKET_CREATION_SUCCESS, PACKET_ENCRYPTED, and PACKET_SYNCED_TO_SERVER in the
AuditEvent enum: change "Packet Succesfully Created", "Packet Encrypted
Sucessfully", and "Packet Synced to Server Sucesfully" to use the correct
spelling "Successfully" (e.g., "Packet Successfully Created", "Packet Encrypted
Successfully", "Packet Synced to Server Successfully") so persisted audit logs
use the corrected text.

In
`@android/clientmanager/src/main/java/io/mosip/registration/clientmanager/service/PreCheckValidatorServiceImpl.java`:
- Around line 296-297: The audit call
auditManagerService.audit(AuditEvent.SYNC_GEO_VALIDATE, Components.REGISTRATION)
in validateCenterToMachineDistance is unguarded and can throw
non-NumberFormatException errors that will block registration; wrap that single
audit call in its own try-catch that catches Exception (or Throwable) and logs
the failure via the existing logger (e.g., logger.error(..., e)) without
rethrowing, mirroring the handling used for SYNC_INFO_VALIDATE so the audit
remains fire-and-forget.

In
`@android/clientmanager/src/main/java/io/mosip/registration/clientmanager/service/RegistrationServiceImpl.java`:
- Around line 342-344: persistPacket can return a null/empty containerPath but
the code still calls insertRegistration and emits
auditManagerService.audit(AuditEvent.PACKET_CREATION_SUCCESS,
Components.REGISTRATION); — change the flow in RegistrationServiceImpl so you
check the result of persistPacket (containerPath) immediately: if containerPath
is null/empty, log/audit a failure and return or throw (so insertRegistration is
not called), otherwise proceed to call insertRegistration and then emit
PACKET_CREATION_SUCCESS; reference the persistPacket call site,
insertRegistration(...) invocation, and the auditManagerService.audit(...) call
when making the change.

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@android/app/src/main/java/io/mosip/registration_client/api_services/PacketAuthenticationApi.java`:
- Line 196: The audit call using AuditEvent.PACKET_INTERNAL_ERROR in
PacketAuthenticationApi (auditManagerService.audit(...)) currently passes
Components.REGISTRATION but should use Components.REG_PACKET_LIST to match
BatchJob's usage and keep audit component consistent; update the
auditManagerService.audit invocation that references
AuditEvent.PACKET_INTERNAL_ERROR to pass Components.REG_PACKET_LIST instead of
Components.REGISTRATION.

---

Duplicate comments:
In
`@android/clientmanager/src/main/java/io/mosip/registration/clientmanager/service/PacketServiceImpl.java`:
- Around line 442-447: The audit call can throw and currently lives inside the
outer try/catch that returns false on any Exception, which can override the
computed result (limitReached); update the method in PacketServiceImpl so that
after computing boolean limitReached = yetToExportCount >= maxCount you invoke
auditManagerService.audit(AuditEvent.SYNC_PKT_COUNT_VALIDATE,
Components.REGISTRATION) inside its own try/catch that swallows/logs audit
exceptions (do not change limitReached), ensuring any exception from audit does
not change the method's returned value.

---

Nitpick comments:
In `@android/app/src/main/java/io/mosip/registration_client/utils/BatchJob.java`:
- Around line 192-196: The catch block around the upload loop currently calls
auditManagerService.audit(AuditEvent.PACKET_INTERNAL_ERROR,
Components.REG_PACKET_LIST, e.getMessage()) which itself may throw and escape
the catch; wrap that single auditManagerService.audit(...) call in its own
try-catch so any exception from audit is caught and logged (e.g., with Log.e
using getClass().getSimpleName()) and not rethrown, preserving
syncAndUploadInProgressStatus = false and allowing the upload loop to continue;
keep the original logging of the primary exception (Log.e(..., e.getMessage()))
and ensure the audit fallback catch does not alter control flow.

In
`@android/clientmanager/src/main/java/io/mosip/registration/clientmanager/service/AuditManagerServiceImpl.java`:
- Around line 169-186: The Audit constructor is called with two separate
System.currentTimeMillis() invocations in AuditManagerServiceImpl which can
yield slightly different timestamps; capture a single timestamp into a local
long variable (e.g., long now = System.currentTimeMillis();) before creating the
Audit and reuse that variable for both the createdAt and actionTimeStamp
parameters when constructing the Audit object.

In
`@android/clientmanager/src/main/java/io/mosip/registration/clientmanager/service/MasterDataServiceImpl.java`:
- Line 545: The call to auditManagerService.audit(AuditEvent.FETCH_USR_DET,
Components.LOGIN) inside syncUserDetails should be wrapped defensively so an
unexpected exception from auditManagerService does not abort the sync; modify
syncUserDetails to call auditManagerService.audit(...) inside a try-catch that
logs the audit failure (using existing logger or auditManagerService if
appropriate) and swallows the exception so processing continues—mirror the safe
pattern used in PacketServiceImpl.isMaxPacketCountLimitReached() to locate the
intended handling style.

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@android/app/src/main/java/io/mosip/registration_client/api_services/PacketAuthenticationApi.java`:
- Line 196: The audit call using
auditManagerService.audit(AuditEvent.PACKET_INTERNAL_ERROR,
Components.REG_PACKET_LIST, e.getMessage()) may pass a null message when
Exception e has no message; change the third argument to a null-safe string
(e.g., use e.getMessage() if non-null else e.toString() or a fixed fallback like
"Exception occurred") so auditManagerService.audit always receives a non-null,
meaningful message; update the call site in PacketAuthenticationApi where
auditManagerService.audit is invoked and keep the same
AuditEvent.PACKET_INTERNAL_ERROR and Components.REG_PACKET_LIST parameters.

---

Nitpick comments:
In
`@android/app/src/main/java/io/mosip/registration_client/api_services/PacketAuthenticationApi.java`:
- Around line 237-238: The audit call is missing the packet identifier—update
the auditManagerService.auditWithArguments invocation(s) (e.g., the call using
AuditEvent.PACKET_STATUS_UPDATE with Components.REGISTRATION.getId()/getName()
and clientStatus) to include packetId as an argument (for example, pass packetId
and then clientStatus) so the per-packet audit trail can be reconstructed; make
the same change in other similar calls such as from
supervisorReview/updatePacketStatus that call auditWithArguments.