search

resilient-tech / india-compliance

Simple, yet powerful compliance solutions for Indian businesses
https://indiacompliance.app
GNU General Public License v3.0
145 stars 135 forks source link

Audit Trail Requirement #2636

Open bhavyajicomputers opened 1 month ago

bhavyajicomputers commented 1 month ago

Hi, For all the relevant tables/transaction relevant to the books of account, for the tables events logs as below should be enabled and captured for the entire year

a. DDL events: Log Data Definition Language (DDL) statements, such as CREATE, ALTER, and DROP statements, providing information about schema changes and object modifications

b. DML events: Log Data Manipulation Language (DML) statements, such as INSERT, UPDATE, and DELETE statements, allowing you to track changes made to the data in your database.

c. Role and privilege events: Log events related to user roles and privileges, such as user login and logout events, role creation and deletion, and changes to user privileges.

The logs of all such events mentioned above should be stored and retained. The logs should capture ‘what change was made’, ‘who made the change’, and ‘when was the change made’

Kindly do needful to make them available for audit trail

vorasmit commented 1 day ago

We understand audit trail is required and we believe it's there. We are unsure if this needs to be at database level. If you think this is a requirement, please share the references for the same.

Auditors may ask this for better internal controls, but may not necessarily lead to non-compliance.