You should protect all control data sets with resource protection such as RACF®, a component of the Security Server for z/OS. RACF protects the control data sets from being updated by unauthorized programs and unauthorized personnel.

For more information about protecting control data sets, see Authorizing and protecting DFSMShsm commands and resources.