diff --git a/doc/administration/audit_events.md b/doc/administration/audit_events.md
index 7fab424ac936c1f1602648185e52166a75ef7921..3cfbc8ae74b25eee183ddb3b9e840b9fcd8a917a 100644
--- a/doc/administration/audit_events.md
+++ b/doc/administration/audit_events.md
@@ -162,6 +162,7 @@ The following user actions are recorded:
 - Failed second-factor authentication attempt ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16826) in GitLab 13.5)
 - A user's personal access token was successfully created or revoked ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6)
 - A failed attempt to create or revoke a user's personal access token ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6)
+- Administrator added or removed ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/323905) in GitLab 14.1)
 Instance events can also be accessed via the [Instance Audit Events API](../api/audit_events.md#instance-audit-events).
diff --git a/ee/app/services/ee/users/update_service.rb b/ee/app/services/ee/users/update_service.rb
index 169e58a0f26a7494634521dca599bd71edcc19a3..eaa3957eda46940d161fd05c5e2fc353cb62d421 100644
--- a/ee/app/services/ee/users/update_service.rb
+++ b/ee/app/services/ee/users/update_service.rb
@@ -24,6 +24,7 @@ def notify_success(user_exists)
 audit_changes(:email, as: 'email address')
 audit_changes(:encrypted_password, as: 'password', skip_changes: true)
 audit_changes(:username, as: 'username')
+ audit_changes(:admin, as: 'admin status')
 success
 end
diff --git a/ee/spec/services/ee/users/update_service_spec.rb b/ee/spec/services/ee/users/update_service_spec.rb
index 77f9ce7ecc4ce1749fb89fd730d2619d3f65eb32..e1079774ead11fb2cd70a64504be746620f58623 100644
--- a/ee/spec/services/ee/users/update_service_spec.rb
+++ b/ee/spec/services/ee/users/update_service_spec.rb
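Review bot: The new `audit_changes(:admin, as: 'admin status')` call in `notify_success` (ee/app/services/ee/users/update_service.rb) records a privilege change only when the update goes through this service's success path, and nothing in the hunk says so. Whether an admin flag set at user creation or through another code path ever reaches this method is not visible here, so the documentation line "Administrator added or removed" may promise more coverage than the code gives; that is worth confirming, because a gap there is a gap in detecting privilege escalation. I would add a comment above the call such as `# Admin flag is not secret, so old and new values are logged (no skip_changes); covers updates made through this service only`. Any lines of `notify_success` above the first `audit_changes` call are not shown in the hunk.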
@@ -101,6 +101,26 @@ stub_licensed_features(admin_audit_log: true)
 end
+ context 'updating administrator status' do
+ let_it_be(:admin_user) { create(:admin) }
+
+ it 'logs making a user an administrator' do
+ expect do
+ update_user_as(admin_user, user, admin: true)
+ end.to change { AuditEvent.count }.by(1)
+
+ expect(AuditEvent.last.present.action).to eq('Changed admin status from false to true')
+ end
+
+ it 'logs making an administrator a user' do
+ expect do
+ update_user_as(admin_user, create(:admin), admin: false)
+ end.to change { AuditEvent.count }.by(1)
+
+ expect(AuditEvent.last.present.action).to eq('Changed admin status from true to false')
+ end
+ end
+
 context 'updating username' do
 it 'logs audit event' do
 previous_username = user.username
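Review bot: Both new examples assert only the event count and the rendered action text, so they would still pass if the event were attributed to the wrong author or the wrong target account, which are the fields an investigator relies on when reviewing a privilege change. After the action check in the first example I would add something like `expect(AuditEvent.last).to have_attributes(author_id: admin_user.id, entity_id: user.id, entity_type: 'User')`, with the attribute names checked against the other examples in this spec. In the second example `create(:admin)` runs inside the `expect do` block, so the counted delta also includes anything user creation records; building that admin outside the block (for example in a `let_it_be`) keeps `by(1)` about the update alone. A negative case, an update that leaves `admin` unchanged and emits no admin-status event, is also missing.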