zSecure RACF and SMF Auditing

This zSecure class is designed, written and presented by RACF & zSecure specialists. This is a hands-on course, in which attendees will learn how to audit the content of their RACF database and z/OS system, and to measure the results against the security requirements of a selected policy level. Additionally, you will learn how to review the current general SMF & RACF audit settings and interpret the pre-defined SMF audit reports. Attendees will also be shown how to create their own customized SMF reports.
This course is available for one-company presentations, either on-site or over the Internet via the Virtual Classroom Environment service.

What you will learn

On successful completion of this course you will be able to:

  • describe the flow of a security call from Resource Managers to RACF
  • perform user and password audit analysis
  • use the Audit functions to report on sensitive users and z/OS resources
  • create Audit reports on key RACF and z/OS system tables
  • review the system-wide Audit settings
  • select and process predefined SMF reports
  • define custom SMF reports.

Who Should Attend

The course is suitable for security administrators and auditors involved in administering, reporting, and auditing RACF and z/OS security.


Attendees should have thorough working knowledge of RACF or have attended the RSM course RACF Administration & Auditing and (ideally) the course zSecure Basic Admin & Reporting.


2 days

Fee (per attendee)

£1400 (ex VAT)

Course Code



Introduction to RACF Auditing

This segment of the course explains the basic working and architecture of the RACF database and the interfaces with z/OS and the other resource managers. You will also learn how you can audit the central RACF control tables.

Auditing Users and Passwords

Explains the characteristics (password, attributes and authorities) of userids and how they can be audited using zSecure Audit.

Auditing Resources

Auditing sensitive resources, including programs, and how to identify users that are authorised to create various types of profiles.

SMF Auditing

Use zSecure Audit to report about events that have been written to SMF records.

Library Analysis

Analyse libraries for changes and duplicate members using zSecure Audit.

Question & Answer Session

© RSM Technology 2020