IBM RACF must be installed and active on the system.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| high | V-223760 | SRG-OS-000001-GPOS-00001 | RACF-OS-000040 | SV-223760r958362_rule | 2025-03-11 | 9 |
| Description |
|---|
| Enterprise environments make account management for operating systems challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other errors. IBM z/OS requires an external security manager to assure proper account management. |
| ℹ️ Check |
|---|
| Refer to IEASYS00 member in SYS1.PARMLIB Concatenation. Determine proper IEFSSnxx member. If RACF is defined in the SubSystem member, this is not a finding. |
| ✔️ Fix |
|---|
| Refer to the IBM Security Server RACF System Programmer Guide and the IBM Security Server RACF Security Administrator guide to properly implement RACF on the system. |