RACF for Auditors
The “RACF for System Auditors” course describes the purpose of an audit and provides an overview of steps used when planning one. Following this, more in-depth RACF audit commands and controls are discussed along with the types of reports that can be produced.
Security administrators, and IT auditors who are responsible for auditing a z/OS environment. System programmers would also benefit from this course, giving them a better understanding of audit requirements from a RACF perspective.
Successful completion of all other RACF courses in this curriculum or equivalent knowledge.
- After completing this course, the student will be able to:
- Describe general z/OS environment audit requirements
- Identify the resources used to audit RACF
- Describe how RACF information is logged
- Identify commands and ISPF options used to obtain RACF data
- Run utilities used to report on RACF-recorded activity
- Describe how to RACF report data is applied to audit objectives
Auditing Objectives and Planning
What is an Audit?
Auditing RACF as Part of an Overall Mainframe Audit
What Auditing Skills are Required?
Identifying Audit Objectives
Obtaining Policy, Standards, and Procedures
Tools and Resources Used to Assist with a RACF Audit
Gathering Audit Information
Auditing Controls and Options
AUDITOR and ROAUDIT Attributes
Listing and Defining Audit Controls
Auditing z/OS UNIX
RACF Audit Utilities and Reports
SMF Data Unload Facility
Using zSecure and Other Tools to Unload Data
Using ICETOOL to Generate Reports
Data Security Monitor Reports
What to Look for in Audit Reports
RACF for Auditors Mastery Test
This course is part of
the IBM Digital Badge Program
Interskill - Mainframe Systems Auditor
RACF – Experienced