| Refer to the following reports produced by the RACF Data Collection: |
If the SECURID group is defined and all sensitive users are connected to the SECURID group, this is not a finding.
NOTE: Sensitive users include systems programming personnel, security personnel, and other staff (e.g., DASD management, operations, auditors, technical support, etc.) with access to sensitive resources (e.g., operator commands, ACP privileges, etc.) that can modify the operating system and system software, and review/modify the security environment.