CA-ACF/2 for Auditors

Objectives
On successful completion of this course, attendees will be able to:

• recognise all of the major ACF/2 components
• explain auditing objectives
• set audit controls for users, datasets and resources
• interpret audit and logging reports.

Who Should Attend
The course is suitable for anyone wishing to gain a clear understanding of ACF/2 auditing techniques.
Prerequisites
None.
Duration
2 days
Course Code
ACAF
Contents
ACF/2 overview
The need for security; general threats; tightening security; security policy; naming standards; security administration; auditing.


CA-ACF/2 architecture
Introduction; databases, Logonids, resource rules, UID strings: z/OS implementation; system interfaces; messages.


ACF/2 auditing functions
Auditing objectives, identifying security exposures, the ACF/2 AUDIT Logonid privilege field, ACF/2 access control.


ACF/2 auditing controls
System, dataset and resource access logging; TAPE BLP logging; TAPE LBL logging; logged and restricted programs.


ACF/2 auditing reports
Running ACF2 logging and violation reports; reviewing ACF2 logging and violation reports; using ACF2 ISPF panels to run logging and violation reports


Question & answer session