Mainframe Systems: Audit Issues for Service Managers


Stringent auditing of IT systems and their security is rapidly becoming the norm for many Data Centres. This two-day course from RSM has been designed and built for Service Managers who are responsible for products or functions that may come under the scrutiny of Auditors.
The course covers the significant areas of z/OS and its major subsystems, along with the skill requirements of data centre personnel.
For one-company, on-site presentations RSM will customise the course to reflect the particular business and technical needs of clients and the current skill levels of the intended attendees.

This course is also available 'on demand' (minimum 2 students) for public presentation.

Objectives

On successful completion of this course you will be able to:

  • assess the management of security policies at their organisation
  • identify strengths and weaknesses in those policies
  • understand the general areas targeted by a technical audit
  • understand the USS issues targeted by a technical audit
  • appreciate the DB2 issues targeted by a technical audit
  • understand the CICS & IMS issues targeted by a technical audit.

Who Should Attend

This course is suitable for all Service Managers, Team Leaders and senior Technical Support personnel whose areas of responsibility may be audited.

Prerequisites

A good technical understanding of the IBM mainframe computing environment. This can be gained by attending the course IBM z Systems - Explained.

Duration

2 days

Fee (per attendee)

£900 (ex VAT)

Course Code

MTSS

Contents

General Mainframe Audit issues

Configuration & hardware; 3270 ssues; organisation & trust; SMF & SYSLOG; TSO & SDSF; Job scheduling & batch.

z/OS Security Issues

System Authorization Facility (SAF) security principals; z/OS controls & drivers; Security products; RACF overview; PARMLIB members requiring Audit; Personnel and skills requirements.

z/OS RACF Components

RACF control options; SETROPTS; Resource permission; Searching the RACF database; RVARY; Password processing; Systems Special, Operations & Auditor; Auditor authorities.

RACF Utilities

RACF; The FACILITY class; RACF utilities; Using Data Security Monitor (DSMON); Detailed analysis of DSMON output; RACF tables; RACF exits; Administration and auditing tools.

UNIX System Services Issues

Hierarchical File Systems; Userids; UNIXPRIV class; Files & Directories; USS security basics; Access Lists (ACLs); Audit issues.

CICS Security Issues

CICS transactions, tasks & programs; CICS Web Support; Accessing CICS; CICS resources; CICS-RACF interface. Personnel and skills requirements.

DB2 Security Issues

What is DB2?; DB2 Address Spaces; DB2 structures; DB2 security overview; Personnel and skills requirements.


© RSM Technology 2017