Interskill Learning Mainframe Training

770-872-4278

The Online Mainframe Training Specialists
Search   Course Catalog   Live Chat!  
Return to Catalog Home     Return to Curriculum Listing

RACF - For Auditors 2.4

Duration

4 hours

Overview

The “RACF - For Auditors” course describes the various types of data center audits and discusses the role of an internal auditor when performing a RACF audit. It expands this to look at the general steps to ensure that RACF managed security is aligned with both organizational security standards, and external compliance regulations. RACF auditor privileges are discussed in detail describing how audit information is stored and the commands used to request the capture of specific events. The type of data that can be unloaded from SMF, and the RACF database, is explained along with details on how ICETOOL can be used to process this information to create audit reports.

Audience

Security administrators, and IT auditors who are responsible for auditing the RACF environment. System programmers would also benefit from this course, giving them a better understanding of audit requirements from a RACF perspective.

Prerequisites

Successful completion of all other RACF courses in this curriculum, or equivalent knowledge.

Objectives

    After completing this course, the student will be able to:
  • Identify general processes when undertaking a RACF audit
  • Identify RACF Auditor roles
  • Describe general RACF auditing controls
  • Describe how RACF information is logged
  • Describe how the SMF dump utility is used to extract RACF records
  • Run the IRRDBU00 utility to unload the RACF database
  • Run ICETOOL jobs to create reports from unloaded data

Course Content

Introduction to RACF Auditing

Why a RACF audit is required
Internal and External audits
Tools to assist you with a RACF audit
Audit certification opportunities
Technical skills and knowledge to perform a RACF audit
The RACF auditing process

RACF Auditing Controls and Options

RACF audit roles
Assigning Auditor privileges
Logging of security-related events
Owner-controlled and Auditor-controlled logging
AUDIT and NOAUDIT controls
Using LOGOPTIONS to define what is logged
Logging command violations
GLOBALAUDIT attribute
Auditing z/OS UNIX

RACF Audit Utilities and Reports

RACF SMF record types
IRRADU00 utility
Sorting unloaded SMF data
Creating XML data from unloaded SMF records
Unloading RACF database content
Creating ICETOOL reports
Invoking the RACFICE procedure
Pre-defined ICETOOL reports
Creating a customized ICETOOL report

RACF - For Auditors 2.4 Mastery Test

Looking for more information about Interskill Learning Products?
Contact our Learning Consultants or call us at 770-872-4278