I have suspect activity , Admin Password reset request

is there any admin log that shows admin actvity, i suspect a local club member ?

Over the last few months I have seen suspect changes to the agenda roles, many unrecognised ip address loging on to the webadmin, I changed the Admin password and the changes stoped.
I have now noticed someone is requesting the password be reset for them to  control the webadmin. the current VPE told me he gave the password to a non exec member to file his role while he was away.
is there a procedure to identify if this is a club member making the webadmin pasword reset request?
is there a admin log that I can see what they are changing?
Thanks in advance.
Roy de Visser  IPP  Burwood Toastmasters 6865 D70
 

Only the admin can access the admin console and the password is only sent to the admin.  IP addresses can be dynamic, or change when using different devices or different locations.  If you get warnings when you haven't logged in, no one can access the console unless you've shared the password. 
Up to 3 officers and the admin have access to each of the modules.
Agenda roles can be given edit access to the agenda - in which case those members can edit the agenda. Other than the 3 officers and admin, usually only the Toastmaster is given access - some clubs also give access to the Wordmaster and others as required.
Your last contest agenda shows some strange roles with access - including some contestants.  Perhaps time to tighten up your agenda access rights.

There are no change logs

Thank you Pam,
This is great information I have made those changes now.
Roy