IBM RACF must be installed and active on the system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-223760 | RACF-OS-000040 | SV-223760r958362_rule | CCI-000015 | high |
| Description | ||||
| Enterprise environments make account management for operating systems challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other errors. IBM z/OS requires an external security manager to assure proper account management. | ||||
| STIG | Date | |||
| IBM z/OS RACF Security Technical Implementation Guide | 2025-06-24 | |||
Details
Check Text (C-223760r958362_chk)
Refer to IEASYS00 member in SYS1.PARMLIB Concatenation. Determine proper IEFSSnxx member.
If RACF is defined in the SubSystem member, this is not a finding.
Fix Text (F-25421r514969_fix)
Refer to the IBM Security Server RACF System Programmer Guide and the IBM Security Server RACF Security Administrator guide to properly implement RACF on the system.