

Compliance Auditing
We recommend using CA CM, which provides a single source for real-time, compliance-related information and events occurring within the mainframe environment.
Business Value:
CA CM lets you easily manage and audit your mainframe environment. It accomplishes this with continuous, real-time monitoring and collection of compliance and security-related information, policy alerting, and an intuitive reporting interface for compliance and security event reporting. It also gives you the comprehensive auditing tools that you need to prove your compliance to IT and risk-management auditors.
Additional Considerations:
CA CM consists of several components:
- The Change Monitor detects and records changes to external security manager (ESM) configurations, operating system security configuration, and selected PDS/PDSE data sets.
- The Data Warehouse stores information about mainframe security events in a relational repository that is accessible for compliance reporting, allowing complex reporting processes to be initiated. It also provides real-time access to current and historical security information for forensic analysis, going beyond current reporting capabilities of security products.
- The Alert component provides real-time notification of potential security breaches indicated by changes in the security configuration and specific security events. Stakeholders can receive immediate notification of pertinent violations, user activity, and access or change activity to critical resources using email notification, Write To Operator (WTO), or help desk ticket creation.
- The Logger component writes information about mainframe security events to a dedicated z/OS log stream. A historical record of security events is maintained to address compliance and audit requirements and security forensics. This approach provides greater capability and is easier to use than standard log collection using SMF and file-based security journals.
- A web-enabled user interface provides summary and detailed reports that answer the audit question—Who accessed what, from where, and when. For example, you can report on everything a specific user has accessed or everyone who accessed a resource due to a specific permission. From the web interface, you can also create the policy statements that control what events are captured and the actions to take.
More Information:
For a complete description of this product, see the CA CM Implementation Guide.
Copyright © 2013 CA Technologies.
All rights reserved.
 