UCF STIG Viewer Logo

IBM RACF must be installed and active on the system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-223760 RACF-OS-000040 SV-223760r604139_rule High
Description
Enterprise environments make account management for operating systems challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other errors. IBM z/OS requires an external security manager to assure proper account management.
STIG Date
IBM z/OS RACF Security Technical Implementation Guide 2021-07-05

Details

Check Text ( C-25433r514968_chk )
Refer to IEASYS00 member in SYS1.PARMLIB Concatenation. Determine proper IEFSSnxx member.

If RACF is defined in the SubSystem member, this is not a finding.
Fix Text (F-25421r514969_fix)
Refer to the IBM Security Server RACF System Programmer Guide and the IBM Security Server RACF Security Administrator guide to properly implement RACF on the system.