The IBM z/OS system administrator (SA) must develop a process to notify appropriate personnel when accounts are deleted.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-223764	RACF-OS-000080	SV-223764r998362_rule	CCI-000015	medium
Description
Audit tools include, but are not limited to, vendor-provided and open source audit tools needed to successfully view and manipulate audit information system activity and records. Audit tools include custom queries and report generators.
STIG			Date
IBM z/OS RACF Security Technical Implementation Guide			2025-06-24

Related Frameworks

2 paths across 2 frameworks

NIST 800-531 mapping

AC-2(1)

1.00

DISA · 9 · disa_xccdf · related
DISA · 2025-01-23 · disa_cci_list · equivalent

CCI1 mapping

CCI-000015

1.00

DISA · 9 · disa_xccdf · related

Details

Check Text (C-223764r998362_chk)

Ask the SA for the documented process to notify appropriate personnel when accounts are deleted. If there is no documented process, this is a finding.

Fix Text (F-25425r514981_fix)

Develop a documented develop a process to notify appropriate personnel when accounts are deleted.