The Mainframe Product must provide a report generation capability that supports on-demand reporting requirements.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-68281	SRG-APP-000367-MFP-000164	SV-82771r1_rule		Medium

Description

The report generation capability must support on-demand reporting in order to facilitate the organization's ability to generate incident reports as needed to better handle larger-scale or more complex security incidents The report generation capability provided by the application must be capable of generating on-demand (i.e., customizable, ad-hoc, and as-needed) reports. On-demand reporting allows personnel to report issues more rapidly to more effectively meet reporting requirements. Collecting log data and aggregating it to present the data in a single, consolidated report achieves this objective. This requirement is specific to applications with report generation capabilities; however, applications need to support on-demand reporting requirements.

STIG	Date
Mainframe Product Security Requirements Guide	2017-06-22

Details

Check Text ( C-68841r1_chk )
If the Mainframe Product does not perform audit data management or storage function, this is not applicable. Examine installation and configuration settings. Verify the Mainframe Product report generation capability supports on-demand reporting. If it does not, this is a finding.

Fix Text (F-74395r1_fix)
Configure the Mainframe Product report generation capability to support on-demand reporting.