ACIDs defined as security administrators do not have the attribute of NOATS.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-238 | TSS0900 | SV-238r2_rule | DCCS-1 DCCS-2 | Medium |
| Description |
|---|
| NOATS prevents the TSS administrator ACID from signing on through automatic terminal signon. If an ACID has ATS enabled, a terminal could be automatically assigned that ACID without a user being present. This applies to CICS, IMS, and IDMS. |
| STIG | Date |
|---|---|
| z/OS TSS STIG | 2019-12-12 |
Details
| Check Text ( C-4638r1_chk ) |
|---|
| Refer to the following reports produced by the TSS Data Collection: - TSSCMDS.RPT(@ALL) - TSSPRIV.RPT Automated Analysis Refer to the following report produced by the TSS Data Collection: - PDI(TSS0900) Review all security administrators to ensure that each one has the NOATS attribute. |
| Fix Text (F-18189r1_fix) |
|---|
| Review all security administrator ACIDs. Ensure the NOATS attribute has been assigned. Evaluate the impact of correcting the deficiency. Develop a plan of action and implement the changes. NOTE: The NOATS attribute may be added to an ACID or an ACID's PROFILE. The following command may be issued to determine if the NOATS attribute is defined to an ACID or an ACID's PROFILE: tss list( |