UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

IBM z/VM system administrator must develop procedures to manually control temporary, interactive, and emergency accounts.


Overview

Finding ID Version Rule ID IA Controls Severity
V-237969 IBMZ-VM-002390 SV-237969r649747_rule Medium
Description
Proper handling of temporary, inactive, and emergency accounts require automatic notification and action rather than at the convenience of the systems administrator. However in the absence of automated process manual procedures must be in place to assure that possible sensitive accounts are not compromised.
STIG Date
IBM zVM Using CA VM:Secure Security Technical Implementation Guide 2021-06-16

Details

Check Text ( C-41179r649745_chk )
Ask the system administrator (SA) for documented manual procedures to handle temporary, inactive, and emergency accounts.

If there are no procedures or they are not documented and filed with the ISSM/ISSO, this is a finding.
Fix Text (F-41138r649746_fix)
Develop a manual procedure to handle temporary, inactive, and emergency accounts in accordance with appropriate policies.

Ensure that the procedures are documented and filed with ISSM/ISSO.