5. MICF Administration5.1 Tasks Performed During Installation5.1.6 Production Reporting › 5.1.6.1 Controlling Access to Reports and Graphics

Previous Topic: 5.1.6 Production Reporting

Next Topic: 5.1.6.2 Defining a Production Reporting Job Stream

5.1.6.1 Controlling Access to Reports and Graphics


Each production reporting jobstream definition (or production
catalog) allocates unique, user-defined printed report and
color graphics catalog data sets.  You will define three
permanent data sets.  The production reporting catalog data
set contains ISPF tables that define the reporting jobstream
(inquiries executed, execution parameters, data set
allocation parameters, etc.) and identify the saved outputs.
Two separate data sets contain actual printed reports (and
MICSLOG and SAS log) and color graphics outputs.

Production reporting outputs are reviewed through the MICF
Reports and Graphics option.  This option displays the
inquiry output catalogs available at your data center,
including the standard MICF shared inquiry output catalog,
private foreground and batch inquiry output catalogs, and
production reporting output catalogs.  You can use your
data center's security facilities (for example, RACF) to
control access to production catalogs.

Use your data center security facilities to limit read
access to the catalog table and associated printed report and
color graphics catalog data sets to those users who are
authorized to review the reports and graphics.  A security
exception will occur whenever a user attempts unauthorized
reports and graphics access, and MICF will tell the user that
access was denied.

Special security considerations may be required for defining,
maintaining, and executing production reporting jobstreams.
You must have UPDATE access to sharedprefix.MICS.ISPTLIB to
add or delete a production reporting jobstream, or to modify
jobstream name, title, associated CA MICS job, and DB ID
specifications.  However, you can specify the MICF inquiries
to be executed with the production reporting jobstream,
execution options, and data set allocation parameters without
UPDATE authority for sharedprefix.MICS.ISPTLIB.

The CA MICS Administrator can allow an application group to
control its own production reporting.  The CA MICS
Administrator would insert a production reporting jobstream
and specify the CA MICS production job and DB ID association
(if any). The application group could then complete and
maintain the production reporting jobstream definition
without sharedprefix.MICS.ISPTLIB UPDATE authority.  They
could even choose to block CA MICS Administrator access to
the production catalog.

In establishing your reports and graphics security, remember
that the CA MICS reporting jobs must be able to update
production catalogs if you are using the production interface
option to generate reports and graphics with CA MICS
reporting jobs.  The CA MICS reporting job must have UPDATE
access to ALL data sets associated with the production
reporting jobstream (that is, the catalog table, printed
reports catalog, color graphics catalog, temporary report
staging, and temporary MICSLOG data sets).