STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

IBM RACF must be installed and active on the system.

DISA Rule

SV-223760r604139_rule

Vulnerability Number

V-223760

Group Title

SRG-OS-000001-GPOS-00001

Rule Version

RACF-OS-000040

Severity

CAT I

CCI(s)

CCI-000015 - The organization employs automated mechanisms to support the information system account management functions.

Weight

Fix Recommendation

Refer to the IBM Security Server RACF System Programmer Guide and the IBM Security Server RACF Security Administrator guide to properly implement RACF on the system.

Check Contents

Refer to IEASYS00 member in SYS1.PARMLIB Concatenation. Determine proper IEFSSnxx member.

If RACF is defined in the SubSystem member, this is not a finding.

Vulnerability Number

V-223760

Documentable

False

Rule Version

RACF-OS-000040

Severity Override Guidance

Refer to IEASYS00 member in SYS1.PARMLIB Concatenation. Determine proper IEFSSnxx member.

If RACF is defined in the SubSystem member, this is not a finding.

Check Content Reference

Target Key

4101

IBM RACF must be installed and active on the system.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments