Key Resources provides a proven and tested methodology for assessing CA ACF2™, CA Top Secret® or IBM® RACF® environments. Our Security Audit and Review service begins with staff interviews and an assessment of your current business environment, as well as an in-depth review of your current security and mainframe z/OS implementation. We will review Operating System Control Parameters, access to the system, data, resources, authority to change rules, separation of authority, mainframe and security database configurations, implementation parameter settings, number of users/groups/profiles/permissions, roles definitions, users with the ability to bypass security and at what level, password requirements and much more.
Mainframe Security Compliance Audit Results: The Security Assessment Report
A Security Assessment Report (SAR) is prepared by the appropriate consultant, depending upon which security package you have installed: IBM RACF, CA Top Secret or CA ACF2 and z/OS security. The report contains findings and recommendations resulting from the assessment, and is customized to meet the needs of the organization.
The executive summary contains a synopsis of the finding(s), including the business risks associated with the finding, followed by a recommendation. The recommendation contains effort, resource and the funding requirements required to address the risk.
This report provides a detailed explanation of the finding(s), data to corroborate the finding, business and technical risks associated with the findings and recommendations pertaining to the areas assessed.