Z/OS (OS/390) Security Server RACF for Auditors

Overview
This course will enable the RACF auditor to determine if RACF has been correctly implemented. It will list all the system files that must be secured and describe how to ensure that RACF protection is not being circumvented.

Course objectives
After completing this course the attendee should be able to use RACF utilities and commands to verify that: RACF has been correctly implemented; RACF security cannot be circumvented; sensitive data or resources have the correct level of security and audit trail logging.

By the end of this course you will have learned
What RACF provisions are made for monitoring, recording and reporting the use of computer resource in an orderly, structured environment.

Who should attend
Auditors, IT staff involved in carrying out an audit of RACF system.

Pre-requisites
The RACF Administrators course, or equivalent background knowledge of RACF.

Course synopsis

• Getting Started
• Preliminary information
• TSO requirements
• The Auditor attribute
• Setting Audit Controls
• Logging Overview
• Global Logging Options
• User Auditing
• The Data Security Monitor (DSMON)
• How to run DSMON
• Reports produced
• RACF System Options