The Mainframe Product must provide a report generation capability that supports on-demand reporting requirements.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-205560 | SRG-APP-000367-MFP-000164 | SV-205560r851324_rule | Medium |
| Description |
|---|
| The report generation capability must support on-demand reporting in order to facilitate the organization's ability to generate incident reports as needed to better handle larger-scale or more complex security incidents The report generation capability provided by the application must be capable of generating on-demand (i.e., customizable, ad-hoc, and as-needed) reports. On-demand reporting allows personnel to report issues more rapidly to more effectively meet reporting requirements. Collecting log data and aggregating it to present the data in a single, consolidated report achieves this objective. This requirement is specific to applications with report generation capabilities; however, applications need to support on-demand reporting requirements. |
| STIG | Date |
|---|---|
| Mainframe Product Security Requirements Guide | 2022-09-22 |
Details
| Check Text ( C-5826r299907_chk ) |
|---|
| If the Mainframe Product does not perform audit data management or storage function, this is not applicable. Examine installation and configuration settings. Verify the Mainframe Product report generation capability supports on-demand reporting. If it does not, this is a finding. |
| Fix Text (F-5826r299908_fix) |
|---|
| Configure the Mainframe Product report generation capability to support on-demand reporting. |