|
|
|
In any data center, programs are constantly changing. You can learn several things by watching how often they change. If programs in a production library are changed again and again over a short period of time, it can mean that they are not properly tested before they are put into production. This can cause a high incidence of program abends. It is also possible that programs require multiple changes because the user has poorly‑defined requirements. If sensitive programs are changed frequently (such as a payroll or accounts receivable program), it could be a sign of covert activity on the part of a programmer.
If good change control procedures are in place, you should be able to tie each change to an authorized request. But how do you know if the change control procedures really work? You must be able to determine what programs changed.
There are several ways to do this. You could search through SMF records, looking for updates to program libraries. But for any period of time at all, the volume of SMF records you need to review is tremendous. Also, the SMF records do not usually tell you which program was changed, only that the library was updated. Alternately, you could keep a secure copy of all the program libraries and compare the secure copy of each program to the current copy. However, just reading the output from all of these comparisons, not to mention running them, is a monumental task. One of the most reliable alternatives is to use the Program Freezer Option (5.5).
| Copyright © 2009 CA. All rights reserved. | Tell Technical Publications how we can improve this information |