An error occurred:

Check: RACF-OS-000120

IBM z/OS RACF STIG: RACF-OS-000120 (in versions v8 r14 through v7 r1)

Title

IBM z/OS must employ a session manager to manage display of the Standard Mandatory DoD Notice and Consent Banner. (Cat II impact)

Discussion

Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. All methods of gaining access to the system must comply with this requirement to assure that regulations are upheld.

Check Content

Verify that any session manger in use displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system. If the session manager does not display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system, this is a finding.

Fix Text

Configure any session manger in use to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system.

Additional Identifiers

Rule ID: SV-223768r604139_rule

Vulnerability ID: V-223768

Group Title: SRG-OS-000023-GPOS-00006

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000048

The information system displays an organization-defined system use notification message or banner before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-8

System Use Notification