z/OS Security Server RACF Auditor's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Preliminary information

z/OS Security Server RACF Auditor's Guide
SA23-2290-00

Before conducting an audit, you should establish preliminary information concerning the type, size, and complexity of your installation. The following questions should help you get started.

  1. What are the processor complexes and their associated system control programs (SCPs), including the release and level of RACF® for each? You can use the DSMON reports to answer this particular question.
  2. For each processor complex, what are the subsystems—such as TSO/E, IMS/ESA®, CICS/ESA—protected by RACF (including the release and level of each)? List them.
  3. Are processor complexes linked (for example, by NJE, RSCS, JES2, or JES3)?
  4. Is DASD shared between systems? What type of data is shared?
  5. Do you have dial-up lines?
  6. Explain briefly the classification system.
  7. What is the highest classification of data processed and/or transmitted?
  8. Will you be using z/OS UNIX System Services?
Parent topic: Conducting the audit

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014