Auditing Best Practices › Regular z/OS System Audit Regimen
Regular z/OS System Audit Regimen
We recommend that you constantly audit your mainframe z/OS system by using CA Auditor. We also recommend that you create procedures to audit your physical IT environment.
Business Value:
Regular auditing using CA Auditor offers the following benefits:
- Helps maintain z/OS integrity through timely identification of z/OS customization and modifications
- Helps verify internal compliance to change control procedures
- Minimizes z/OS auditing costs through CA Auditor usage, whether through direct license or through CA Out-Tasking, which is a CA Services initiative whereby customers can engage us to perform regular services
Maintaining the integrity of the z/OS system is necessary to maintain proper system and application functionality. Regular audits can also satisfy many common compliance regulations, laws, and requirements, such as Sarbanes-Oxley (SOX) and the Payment Card Industry-Data Security Standard (PCI-DSS).
Additional Considerations:
As you devise your auditing regimen, consider the following points:
- The z/OS system is the foundation for the applications and data that run your business; therefore, if the z/OS system has integrity exposures, the associated applications have the same exposures.
- A sound security policy bolsters z/OS integrity. Similarly, a proper z/OS implementation supports your overall security because a user could exploit any weakness to circumvent critical security controls and damage your applications.
- Sound system integrity is the result of careful planning, well-defined procedures, proper security and change control mechanisms, and regular auditing to verify that users are following these procedures.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|