Implementing Security for Batch › BATCH Considerations › Protecting BATCH Jobs

Protecting BATCH Jobs

The major consideration in implementing the BATCH facility is controlling access from batch jobs. Define a specific ACID for each batch production job or each group of batch production jobs. Code a USER= parameter on the JOB statement for each job in your production JCL library.

You then have the flexibility of specifying the appropriate security for each job in your site. You can:

• Group jobs together under the same ACID without tying yourself into other information on the JOB statement which might not be appropriate
• Specify special ACIDs for critical processing, such as payroll master file updating
• Modify the security required for a specific job

You do not have to determine which ACID is derived for a job based on your control option settings. The appropriate ACID is coded on the JOB statement.

You can use derived ACIDs as a permanent strategy in protecting batch processing, or you can migrate to specific ACIDs coded for each job. The derived ACID or the specifically coded ACID must exist or the batch job may abend.