Navigate

Check: RACF-OS-000080

IBM z/OS RACF STIG: RACF-OS-000080 (in versions v9 r3 through v9 r1)

Title

The IBM z/OS system administrator (SA) must develop a process to notify appropriate personnel when accounts are deleted. (Cat II impact)

Discussion

Audit tools include, but are not limited to, vendor-provided and open source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom queries and report generators.

Check Content

Ask the SA for the documented process to notify appropriate personnel when accounts are deleted. If there is no documented process, this is a finding.

Fix Text

Develop a documented develop a process to notify appropriate personnel when accounts are deleted.

Additional Identifiers

Rule ID: SV-223764r998362_rule

Vulnerability ID: V-223764

Group Title: SRG-OS-000276-GPOS-00106

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000015	Support the management of system accounts using organization-defined automated mechanisms.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AC-2(1)	Automated System Account Management