Tips for Preparing for Compliance Audits After Migrating SAP to AWS?

Asked By CreativeCactus82 On

We recently completed our migration from ECC to S/4HANA on AWS, thinking we had everything under control. However, our first SOX audit was a disaster, largely due to cloud security issues. The auditors were looking for evidence of continuous monitoring, configuration compliance, and change tracking across our AWS environment. Despite having some CloudTrail logs and Security Hub alerts, it wasn't enough. They pointed out several issues, including gaps in HANA security and questions about our network segmentation. They also wanted proof that we are identifying runtime problems in our containerized SAP workloads. Our existing on-premises audit playbook doesn't translate well to the cloud, as the expected controls and visibility are quite different. Now, we're scrambling to implement essential measures that we should have set up from the start. For anyone who has dealt with post-migration audits, what compliance controls should we have in place? What tools or processes proved effective for SAP on AWS?

3 Answers

Answered By CloudGuru123 On

I feel for you; going through a failed compliance check is rough. I'd recommend checking out the AWS Well-Architected Framework, especially the dedicated SAP lens. It offers guidance specific to your situation. Also, consider using AWS Audit Manager for collecting compliance evidence. Not sure if it supports SOX directly, but it might help in general evidence gathering.

Answered By TechWhiz26 On

I’ve seen this happen a lot. Often, the BASIS team is at fault for not collaborating effectively during the migration, leading to compliance gaps. It’s crucial for all teams to work together to keep security tight.

Answered By ComplianceNinja77 On

I’ve been there too. The key mistake teams make is relying on CloudTrail and Security Hub logs, which are more reactive. When auditors ask for 'continuous monitoring,' they’re usually looking for AWS Config, as it shows the current state of your environment and helps you track compliance drift. Implement AWS Config rules like checking for encrypted volumes and monitoring incoming traffic to support your network segmentation claims. Audit Manager does have a SOX framework built-in—definitely start there to map controls and automate evidence collection.
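
As an added illustration (not part of any answer above): a Python sketch that builds the two AWS Config managed rules mentioned in the last answer, `ENCRYPTED_VOLUMES` and `RESTRICTED_INCOMING_TRAFFIC`, and flattens rule evaluation results into audit evidence rows. The rule names, blocked ports, and sample results are assumptions constructed for the example; `deploy()` expects a `boto3.client("config")` and an already running configuration recorder.

```python
import json
from collections import Counter

def managed_rule(name, identifier, resource_type, params=None):
    """Build the ConfigRule payload passed to boto3's put_config_rule."""
    rule = {
        "ConfigRuleName": name,
        "Scope": {"ComplianceResourceTypes": [resource_type]},
        "Source": {"Owner": "AWS", "SourceIdentifier": identifier},
    }
    if params:
        rule["InputParameters"] = json.dumps(params)  # the API takes a JSON string
    return rule

# Assumed rule names and ports: 22 SSH, 3389 RDP, 30015 HANA SQL (instance 00).
RULES = [
    managed_rule("sap-ebs-encrypted", "ENCRYPTED_VOLUMES", "AWS::EC2::Volume"),
    managed_rule("sap-sg-restricted-ingress", "RESTRICTED_INCOMING_TRAFFIC",
                 "AWS::EC2::SecurityGroup",
                 {"blockedPort1": "22", "blockedPort2": "3389", "blockedPort3": "30015"}),
]

def deploy(config_client, rules=RULES):
    """config_client = boto3.client("config"); a configuration recorder must be on."""
    for rule in rules:
        config_client.put_config_rule(ConfigRule=rule)

def evidence(evaluation_results):
    """Flatten EvaluationResults from get_compliance_details_by_config_rule into
    per-resource rows (failures first) plus a status count for the audit file."""
    rows = []
    for res in evaluation_results:
        q = res["EvaluationResultIdentifier"]["EvaluationResultQualifier"]
        rows.append({"rule": q["ConfigRuleName"], "resource": q["ResourceId"],
                     "status": res["ComplianceType"],
                     "recorded": res["ResultRecordedTime"]})
    rows.sort(key=lambda r: (r["status"] != "NON_COMPLIANT", r["resource"]))
    return rows, Counter(r["status"] for r in rows)

def sample_result(rule, rtype, rid, status, ts):
    """Constructed record shaped like one EvaluationResult (not a real resource)."""
    return {"EvaluationResultIdentifier": {"EvaluationResultQualifier": {
                "ConfigRuleName": rule, "ResourceType": rtype, "ResourceId": rid}},
            "ComplianceType": status, "ResultRecordedTime": ts}

SAMPLE = [
    sample_result("sap-ebs-encrypted", "AWS::EC2::Volume", "vol-0aaa", "COMPLIANT", "2024-01-10T08:00:00Z"),
    sample_result("sap-ebs-encrypted", "AWS::EC2::Volume", "vol-0bbb", "NON_COMPLIANT", "2024-01-10T08:00:00Z"),
    sample_result("sap-sg-restricted-ingress", "AWS::EC2::SecurityGroup", "sg-0ccc", "NON_COMPLIANT", "2024-01-10T08:05:00Z"),
]
```

Against a live account, the input to `evidence()` is the `EvaluationResults` list returned by `get_compliance_details_by_config_rule` for each rule name.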
