|
|
|
Most audit and security authorities agree that no one should have standing update authority to the APF libraries. Updates should go through a quality assurance or change control procedure. The operations staff should participate in their promotion to production.
Duplicate authorizations for libraries make the lists z/OS searches unnecessarily long, and could impact performance. Duplicate program names in the APF‑authorized libraries indicate that there is poor control against users running obsolete or regressed versions of modules. This could allow users to circumvent “integ” APARs and otherwise destroy the integrity of trusted authorized facilities by running mixed levels of a single program product or other subsystem.
| Copyright © 2009 CA. All rights reserved. | Tell Technical Publications how we can improve this information |