diff --git a/src/lightspeed_agent/config/settings.py b/src/lightspeed_agent/config/settings.py
index d8565aa9..fc746491 100644
--- a/src/lightspeed_agent/config/settings.py
+++ b/src/lightspeed_agent/config/settings.py
@@ -213,6 +213,14 @@ class Settings(BaseSettings):
         default="json",
         description="Log format",
     )
+    audit_logging_enabled: bool = Field(
+        default=True,
+        description=(
+            "Enable audit context injection (user_id, org_id, order_id, request_id) "
+            "into log records. Disabling removes PII from logs but reduces "
+            "forensic traceability."
+        ),
+    )
     agent_logging_detail: Literal["basic", "detailed"] = Field(
         default="basic",
         description="Agent execution logging detail level. "
diff --git a/src/lightspeed_agent/logging/filters.py b/src/lightspeed_agent/logging/filters.py
index 070617e8..29ea842a 100644
--- a/src/lightspeed_agent/logging/filters.py
+++ b/src/lightspeed_agent/logging/filters.py
@@ -19,8 +19,17 @@ class AuditContextFilter(logging.Filter):
     """
 
     def filter(self, record: logging.LogRecord) -> bool:
-        record.user_id = get_request_user_id() or ""
-        record.org_id = get_request_org_id() or ""
-        record.order_id = get_request_order_id() or ""
-        record.request_id = get_request_id() or ""
+        from lightspeed_agent.config import get_settings
+
+        settings = get_settings()
+        if settings.audit_logging_enabled:
+            record.user_id = get_request_user_id() or ""
+            record.org_id = get_request_org_id() or ""
+            record.order_id = get_request_order_id() or ""
+            record.request_id = get_request_id() or ""
+        else:
+            record.user_id = ""
+            record.org_id = ""
+            record.order_id = ""
+            record.request_id = ""
         return True