If you can use a trigger, you can capture more information.
Check out the details you could log via the SYS_CONTEXT function
http://docs.oracle.com/database/121/SQLRF/functions199.htm#SQLRF06117 and you could also use SYS_CONTEXT('userenv','sid') to query v$session to anything from v$session that is not picked up in the context.
So you can get things like machine, terminal, osuser, ip address etc.
But if they are making changes, then they either have privileges under their own schema, or they know the owning schema passwords....Both dont sound like a good idea.