|
|
|
To complete the checklists in this chapter, use the options from the ESM External Security Manager Analysis menu. To access this menu select option 7 from the Primary Menu.
The Audit tests described in these checklists analyze the controls which affect how your ESM is implemented on your system:
Analyze the total security system environment, including the system authorization facility (SAF) environment and the installation-specific ESM environment in use on your system. The focus is on user exit points that, if present, can customize or alter the processing of SAF and ESM-specific security calls.
Analyze the manner in which security-related files are specified to your ESM, as well as the specific data sets in use on your system.
Analyze the active SAF resource classes, known as the class descriptor table (CDT). IBM documents standard SAF resource class definitions. Many characteristics of these should not be altered because they impact security.
Use the W/P Ref column on these checklists to record a cross-reference to the work paper that documents your findings about the aspect of z/OS, SAF, and your ESM that the checklist analyzes.
| Copyright © 2009 CA. All rights reserved. | Tell Technical Publications how we can improve this information |