What about file encryption with SQL files?

I noticed that you encrypt the TPS file. With a SQL file, I suspect that the programmer should recur to using a different database user, to prevent ordinary users from selecting/updating/deleting the audit lines... is this your approach?

There are different tastes in the SQL approach, so I left it up to the developers choice. Some prefer to use strong encryption before/after reading the records, others are ok with no encryption at all.