Is Your SAP HANA Database Growing Rapidly?
Here's Why CIOs Must Take Note—Especially Post-MCA Mandate
The Ministry of Corporate Affairs (MCA) has mandated in India that, starting from April 1, 2023 (later moved to April 1, 2024), all companies regardless of their size, including not-for-profit companies licensed under Section 8 of the Companies Act 2023 (or Section 25 of the Indian Companies Act 1956) using accounting software must incorporate a built-in mechanism in their software that records an audit trail for every transaction. Thus, all companies under the Companies Act, including one-person-companies (OPC), small, dormant, and foreign companies, are required to maintain the audit trail in India.
Additionally, an edit log must be created for each modification made in electronically maintained books of account, capturing the date of such changes. It is crucial to ensure that the audit trail always remains enabled and cannot be disabled.
Auditor’s obligation to ensure compliance with audit trail requirements
Under Rule 11(g), the statutory auditor is required to make specific assertions in the audit report, including:
Whether the company’s accounting software maintains an audit trail feature.
Whether the audit trail feature was enabled and operational for the entire financial year.
Whether all transactions are captured within the audit trail.
Whether the audit trail is protected from tampering or disabling.
Whether the audit trail is retained in compliance with statutory requirements.
SAP responded to the MCA's statutory requirement on audit trails by releasing SAP Note 3042258 – Maintenance of Audit Trail – Statutory Requirement, which outlines the necessary configurations and settings to enable audit trails in SAP HANA.
SAP HANA supports three primary audit trail targets for production systems:
Internal Database Table (Enables quick querying and analysis and accessible only through public system views)
Syslog (Default log daemon in UNIX systems, Secure storage location and Inaccessible even to database administrators) *Recommended
CSV Text File (Stores in file format. However, easy to tamper, and/or delete. recommended for test environments only)
The Hidden Cost of Compliance
Many enterprises have adopted these recommendations to ensure compliance. However, maintaining audit trails in SAP HANA introduces several operational and technical challenges such as substantial increase in data volume, slow down system performance, and drive up infrastructure costs.
Securing this sensitive information adds another layer of complexity, requiring strict access controls to prevent unauthorized viewing or tampering. Moreover, as the volume of logs grows over time, navigating, maintaining, and analyzing these files becomes increasingly complex and resource-intensive, often demanding specialized tools or manual intervention—making compliance not just a technical task, but a strategic data management challenge.
Increased data = increased storage = increased price.
Simple math with big budget impacts.
Additional Challenges
While SAP HANA Audit trail provides many auditable actions which can be enabled quickly, there are equal challenges.
· Audit trails can be disabled easily by any user who has authorization to AUDIT ADMIN privilege or by someone who has access to SYSTEM user.
· Audit policies can be altered easily.
· Audit trails can be easily deleted with a simple ALTER SYSTEM CLEAR AUDIT LOG ALL; SQL command by any user who has authorization to AUDIT OPERATOR privilege.
The Solution - Enhancing SAP HANA Data Auditing with ThreatSenseAi
ThreatSenseAi offers a set of advanced tools. These tools enhance the auditing and security functions of SAP HANA. ThreatSenseAi enhances log collection and centralized management of critical incidents. ThreatSenseAi DAM solution offers the following capabilities:
Record DML & DDL activities that happen from the DB level. All the DML & DDL activities that happens from the application level are recorded in the application and will not be captured again at the DB audit logs (duplication.)
Change Logs (old and new values) are recorded.
Critical accesses are recorded such as log-in activity of SYSTEM user etc.,
Creates incidents in ThreatSenseAi ITSM. These incidents can’t be modified by anyone, including the admins. Also, it sends notifications to the key people in the organization.
Makes it audit ready.
Recommendations to CIOs/Head of IT:
1. Enable Intelligent Data Tiering: Shift cold or historical data to lower-cost storage with SAP HANA Native Storage Extension (NSE) or SAP ILM.
2. Optimize Audit Trail Settings: Only enable audit trails where required by laws and regulations and for business-critical objects. For example: Capture only DML & DDL activities from DB and ignore SAP S/4HANA Application level DML & DDL activities. This can be achieved easily with ThreatSenseAi Database Access Manager (DAM) solution.
3. Proactive Monitoring of Data Growth: Utilize SAP EarlyWatch Alerts, DBACOCKPIT, and external tools to monitor increasing tables and logs.
4. Archive Strategically: Leverage ILM-based archiving not only to ensure compliance but also to enhance system health.
As digital regulations grow stricter, supporting audit trails is no longer optional—nor is database optimization. Since SAP HANA licensing and infrastructure are so tightly coupled with DB size, effective data management is not only a technical imperative, it's an economic imperative. Those who remain ahead of this curve will not only ensure compliance but will also manage costs, enhance performance, and maximize ROI from SAP investments.
Talk to our Smart Sales team today! (sales@threatsenseai.com)Start writing today.