RACF for Auditors

This course is designed for anyone involved in auditing a z/OS RACF environment. It provides a detailed insight into how to audit a z/OS environment with RACF enabled. The course describes and explains how RACF is implemented within a z/OS environment and the required security controls. The course also outlines the areas of z/OS where security exposures may be encountered.

This course is available 'on demand' (minimum 2 students) for public presentations live, over the Internet, and for exclusive, one-company, presentations.

What you will learn

On successful completion of this course you will be able to:

  • describe the key parmlib members that impact security
  • describe the significance of Authorized Libraries
  • describe the significance of SMF data for audit purposes
  • explain the RACF group structure
  • explain how RACF is enabled and controlled and the significance to auditing
  • explain how RACF protects general resources and the auditing implications
  • describe the RACF utilities, tables and exits
  • be able to interpret DSMON reports
  • explain the audit information produced in SMF records.

Who Should Attend

The course is suitable for personnel responsible for system auditing. It is also useful for anyone responsible for the security of a z/OS environment.


Attendees should have a clear understanding of z/OS at a conceptual level, which can be gained by attending the courses IBM Z Systems Environment - Introduced & Explained and z/OS Concepts and Facilities. The ability to use TSO can be achieved by attending the course TSO/ISPF Users Workshop, and a working knowledge of JCL can be gained by attending the course z/OS JCL Workshop Part 1 - Foundation Skills. A basic understanding of RACF is also required, and can be achieved by attending Understanding RACF.


3 days

Fee (per attendee)

£1750 (ex VAT)


This includes free online 24/7 access to course notes.


Hard copy course notes are available on request from rsmshop@rsm.co.uk

at £50.00 plus carriage per set.

Course Code



z/OS Security Overview

System Authorisation Facility (SAF); System Configuration data sets; System parameters; IEASYSxx; Authorised programs; Authorised Libraries; Program Properties Table.

RACF Overview

Access Control policy; RACF database; Userids; Groups; Profiles; Listing profiles; RACF messages.

Enabling RACF

RACF control options; SETROPTS; EGN; Protect All; Password processing; RVARY; System Authorities; Group Authorities; Connect Authorities; Universal Access; Access Lists.

RACF General Resources

RDEFINE; Console Class; Opercmds Class; CDT Class; Surrogat Class; Protecting CICS; Protecting Load modules; Defining Started Tasks; Facility Class; PERMITing Access; GAT; In-storage profiles.

RACF Utilities Tables & Exits

RACF Utilities; DSMON; RACF Tables; RACF Exits; DSMON practical exercise.

Auditing RACF

Auditor control options; RACF Report Writer; SMF unload process; Using SMF data for the audit.

© RSM Technology 2022