IBM zSecure RACF and SMF Auditing

This training is targeted for RACF security administrators and auditors who are responsible for administering RACF, generating audit reports, and auditing RACF and z/OS security. RACF and z/OS compliance officers also benefit from attending this training.

After this course participants should be able to:

• Describe and explain the flow of a security call from z/OS and resource Managers to RACF
• Perform user ID and password audit analysis
• Audit sensitive user IDs and z/OS resources and create audit reports about who can define RACF profiles
• Create audit reports for the CICS, IMS, and DB2 subsystems
• Review the system-wide Audit settings, select and process predefined SMF reports, and define custom SMF reports
• Utilize the Access Monitor reports to clean up the RACF database
• Audit changes to system-sensitive libraries and sequential data sets

Unit 1: Introduction to RACF auditing

Unit 2: Auditing user IDs and passwords

Unit 3: Auditing sensitive resources

Unit 4: Auditing subsystems

Unit 5: Auditing SMF

Unit 6: Using Access Monitor and RACF-Offline

Unit 7: Analyzing libraries and sequential data sets

Before taking this course, make sure that you have the following skills:

• Basic knowledge of, and experience with, the z/OS platform, RACF, and zSecure
• The ability to log on to TSO and use ISPF panels

If applicable, you can achieve these skills by attending one or more of the following courses:

• IBM Security zSecure Admin Basic Administration and Reporting TK264G
• Basics of z/OS RACF Administration ES19G
• Effective RACF Administration BE87G

Official course book provided to participants