{\rtf1\adeflang1025\ansi\ansicpg936\uc2\adeff0\deff0\stshfdbch13\stshfloch0\stshfhich0\stshfbi0\deflang1033\deflangfe2052{\fonttbl{\f0\froman\fcharset0\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\f13\fnil\fcharset134\fprq2{\*\panose 02010600030101010101}\'cb\'ce\'cc\'e5{\*\falt SimSun};} {\f18\fmodern\fcharset136\fprq1{\*\panose 02020309000000000000}MingLiU{\*\falt \'b2\'d3\'a9\'fa\'c5\'e9};}{\f36\fnil\fcharset134\fprq2{\*\panose 02010600030101010101}@\'cb\'ce\'cc\'e5;} {\f82\fmodern\fcharset136\fprq1{\*\panose 02020309000000000000}@MingLiU;}{\f179\froman\fcharset238\fprq2 Times New Roman CE;}{\f180\froman\fcharset204\fprq2 Times New Roman Cyr;}{\f182\froman\fcharset161\fprq2 Times New Roman Greek;} {\f183\froman\fcharset162\fprq2 Times New Roman Tur;}{\f184\fbidi \froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f185\fbidi \froman\fcharset178\fprq2 Times New Roman (Arabic);}{\f186\froman\fcharset186\fprq2 Times New Roman Baltic;} {\f187\froman\fcharset163\fprq2 Times New Roman (Vietnamese);}{\f311\fnil\fcharset0\fprq2 SimSun Western{\*\falt SimSun};}{\f361\fmodern\fcharset0\fprq1 MingLiU Western{\*\falt \'b2\'d3\'a9\'fa\'c5\'e9};} {\f541\fnil\fcharset0\fprq2 @\'cb\'ce\'cc\'e5 Western;}{\f1001\fmodern\fcharset0\fprq1 @MingLiU Western;}}{\colortbl;\red0\green0\blue0;\red0\green0\blue255;\red0\green255\blue255;\red0\green255\blue0;\red255\green0\blue255;\red255\green0\blue0; \red255\green255\blue0;\red255\green255\blue255;\red0\green0\blue128;\red0\green128\blue128;\red0\green128\blue0;\red128\green0\blue128;\red128\green0\blue0;\red128\green128\blue0;\red128\green128\blue128;\red192\green192\blue192;\red255\green153\blue0;} {\stylesheet{\qj \li0\ri0\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af0\afs24\alang1025 \ltrch\fcs0 \fs21\lang1033\langfe2052\kerning2\loch\f0\hich\af0\dbch\af13\cgrid\langnp1033\langfenp2052 \snext0 Normal;} {\*\cs10 \additive \ssemihidden Default Paragraph Font;}{\* \ts11\tsrowd\trftsWidthB3\trpaddl108\trpaddr108\trpaddfl3\trpaddft3\trpaddfb3\trpaddfr3\trcbpat1\trcfpat1\tblind0\tblindtype3\tscellwidthfts0\tsvertalt\tsbrdrt\tsbrdrl\tsbrdrb\tsbrdrr\tsbrdrdgl\tsbrdrdgr\tsbrdrh\tsbrdrv \ql \li0\ri0\widctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af0\afs20 \ltrch\fcs0 \fs20\lang1024\langfe1024\loch\f0\hich\af0\dbch\af13\cgrid\langnp1024\langfenp1024 \snext11 \ssemihidden Normal Table;}{ \s15\qc \li0\ri0\nowidctlpar\brdrb\brdrs\brdrw15\brsp20 \tqc\tx4153\tqr\tx8306\wrapdefault\aspalpha\aspnum\faauto\nosnaplinegrid\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af0\afs18\alang1025 \ltrch\fcs0 \fs18\lang1033\langfe2052\kerning2\loch\f0\hich\af0\dbch\af13\cgrid\langnp1033\langfenp2052 \sbasedon0 \snext15 \styrsid15098623 header;}{\s16\ql \li0\ri0\nowidctlpar \tqc\tx4153\tqr\tx8306\wrapdefault\aspalpha\aspnum\faauto\nosnaplinegrid\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af0\afs18\alang1025 \ltrch\fcs0 \fs18\lang1033\langfe2052\kerning2\loch\f0\hich\af0\dbch\af13\cgrid\langnp1033\langfenp2052 \sbasedon0 \snext16 \styrsid15098623 footer;}{\*\cs17 \additive \rtlch\fcs1 \af0 \ltrch\fcs0 \ul\cf2 \sbasedon10 \styrsid15098623 Hyperlink;}}{\*\latentstyles\lsdstimax156\lsdlockeddef0}{\*\pgptbl {\pgp\ipgp0\itap0\li0\ri0\sb0\sa0}}{\*\rsidtbl \rsid655764 \rsid811358\rsid1069012\rsid1074055\rsid1318786\rsid1462542\rsid2231290\rsid2847010\rsid2909350\rsid3146529\rsid3152368\rsid3153644\rsid3409549\rsid3869496\rsid4001084\rsid4197693\rsid4419642\rsid4477090\rsid5848812\rsid6441775\rsid6492656\rsid6493368 \rsid7939098\rsid8674677\rsid8869018\rsid8944438\rsid9449096\rsid10106844\rsid10236727\rsid10246904\rsid10505668\rsid10707375\rsid10897542\rsid11282186\rsid11941893\rsid12669821\rsid13312263\rsid13773176\rsid14707564\rsid14892288\rsid15098623\rsid15222873 \rsid15611782\rsid15665703\rsid15817367\rsid15866361\rsid16080730\rsid16195404\rsid16517661\rsid16546564\rsid16607898}{\*\generator Microsoft Word 11.0.0000;}{\info{\title ENDEVOR AUDIT PROGRAM}{\subject ENDEVOR AUDIT PROGRAM}{\author Document Search} {\keywords Document Search}{\doccomm http://www.nuokui.com/txt/MMaoFXSHOJZI.html}{\operator www.downhi.com}{\creatim\yr2010\mo9\dy28\hr22\min9}{\revtim\yr2014\mo4\dy4\hr1\min23}{\version26}{\edmins1077}{\nofpages1}{\nofwords27}{\nofchars168}{\*\manager http://www.downhi.com/} {\*\company http://www.downhi.com/}{\*\category Document Search}{\nofcharsws186}{\vern24617}{\*\password 00000000}}{\*\xmlnstbl {\xmlns1 http://schemas.microsoft.com/office/word/2003/wordml}{\xmlns2 urn:schemas-microsoft-com:office:smarttags}} \paperw11906\paperh16838\margl1134\margr1134\margt1134\margb1134\gutter0\ltrsect \deftab420\ftnbj\aenddoc\donotembedsysfont1\donotembedlingdata0\grfdocevents0\validatexml1\showplaceholdtext0\ignoremixedcontent0\saveinvalidxml0\showxmlerrors1\formshade\horzdoc\dgmargin\dghspace180\dgvspace156\dghorigin1134\dgvorigin1134\dghshow0 \dgvshow2\jcompress\lnongrid\viewkind1\viewscale85\splytwnine\ftnlytwnine\htmautsp\useltbaln\alntblind\lytcalctblwd\lyttblrtgr\lnbrkrule\nobrkwrptbl\snaptogridincell\allowfieldendsel\wrppunct\asianbrkrule\rsidroot3869496\newtblstyruls\nogrowautofit {\*\fchars !),.:\'3b?]\'7d\'a1\'a7\'a1\'a4\'a1\'a6\'a1\'a5\'a8\'44\'a1\'ac\'a1\'af\'a1\'b1\'a1\'ad\'a1\'c3\'a1\'a2\'a1\'a3\'a1\'a8\'a1\'a9\'a1\'b5\'a1\'b7\'a1\'b9\'a1\'bb\'a1\'bf\'a1\'b3\'a1\'bd\'a3\'a1\'a3\'a2\'a3\'a7\'a3\'a9\'a3\'ac\'a3\'ae\'a3\'ba\'a3\'bb\'a3\'bf\'a3\'dd\'a3\'e0\'a3\'fc\'a3\'fd\'a1\'ab\'a1\'e9 }{\*\lchars ([\'7b\'a1\'a4\'a1\'ae\'a1\'b0\'a1\'b4\'a1\'b6\'a1\'b8\'a1\'ba\'a1\'be\'a1\'b2\'a1\'bc\'a3\'a8\'a3\'ae\'a3\'db\'a3\'fb\'a1\'ea\'a3\'a4}\fet0{\*\wgrffmtfilter 013f}\ilfomacatclnup0{\*\template C:\\Documents and Settings\\Administrator\\\'d7\'c0\'c3\'e6\\doc.dot}{\*\ftnsep \ltrpar \pard\plain \ltrpar\qj \li0\ri0\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af0\afs24\alang1025 \ltrch\fcs0 \fs21\lang1033\langfe2052\kerning2\loch\af0\hich\af0\dbch\af13\cgrid\langnp1033\langfenp2052 {\rtlch\fcs1 \af0 \ltrch\fcs0 \insrsid14707564 \chftnsep \par }}{\*\ftnsepc \ltrpar \pard\plain \ltrpar\qj \li0\ri0\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af0\afs24\alang1025 \ltrch\fcs0 \fs21\lang1033\langfe2052\kerning2\loch\af0\hich\af0\dbch\af13\cgrid\langnp1033\langfenp2052 {\rtlch\fcs1 \af0 \ltrch\fcs0 \insrsid14707564 \chftnsepc \par }}{\*\aftnsep \ltrpar \pard\plain \ltrpar\qj \li0\ri0\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af0\afs24\alang1025 \ltrch\fcs0 \fs21\lang1033\langfe2052\kerning2\loch\af0\hich\af0\dbch\af13\cgrid\langnp1033\langfenp2052 {\rtlch\fcs1 \af0 \ltrch\fcs0 \insrsid14707564 \chftnsep \par }}{\*\aftnsepc \ltrpar \pard\plain \ltrpar\qj \li0\ri0\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af0\afs24\alang1025 \ltrch\fcs0 \fs21\lang1033\langfe2052\kerning2\loch\af0\hich\af0\dbch\af13\cgrid\langnp1033\langfenp2052 {\rtlch\fcs1 \af0 \ltrch\fcs0 \insrsid14707564 \chftnsepc \par }}\ltrpar \sectd \ltrsect\linex0\headery851\footery992\colsx425\endnhere\sectlinegrid312\sectspecifyl\sectrsid6493368\sftnbj {\headerr \ltrpar \pard\plain \ltrpar\s15\qc \li0\ri0\nowidctlpar\brdrb\brdrs\brdrw15\brsp20 \tqc\tx4153\tqr\tx8306\wrapdefault\aspalpha\aspnum\faauto\nosnaplinegrid\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af0\afs18\alang1025 \ltrch\fcs0 \fs18\lang1033\langfe2052\kerning2\loch\af0\hich\af0\dbch\af13\cgrid\langnp1033\langfenp2052 {\rtlch\fcs1 \af0\afs30 \ltrch\fcs0 \b\f13\fs30\cf6\insrsid1074055\charrsid1074055 \hich\af13\dbch\af13\loch\f13 Free Document Search and Download}{\rtlch\fcs1 \af0\afs30 \ltrch\fcs0 \b\fs30\cf6\loch\af13\insrsid6493368\charrsid1074055 \par }{\field{\*\fldinst {\rtlch\fcs1 \af0\afs32 \ltrch\fcs0 \f13\fs32\cf6\insrsid14892288 \hich\af13\dbch\af13\loch\f13 HYPERLINK "http://www.downhi.com/" }{\rtlch\fcs1 \af0\afs32 \ltrch\fcs0 \fs32\cf6\loch\af13\insrsid10707375\charrsid14892288 {\*\datafield 00d0c9ea79f9bace118c8200aa004ba90b0200000003000000e0c9ea79f9bace118c8200aa004ba90b4e00000068007400740070003a002f002f00770065006e00640061006e0067002e0064006f00630073006f0075002e0063006f006d002f000000795881f43b1d7f48af2c825dc485276300000000a5ab0000000000}} }{\fldrslt {\rtlch\fcs1 \af0\afs32 \ltrch\fcs0 \cs17\f13\fs32\ul\cf2\insrsid3146529\charrsid14892288 \hich\af13\dbch\af13\loch\f13 http://www.downhi.com/}}}\sectd \linex0\endnhere\sectdefaultcl\sftnbj {\rtlch\fcs1 \af0\afs32 \ltrch\fcs0 \fs32\cf6\loch\af13\insrsid6493368\charrsid15098623 \par }}{\*\pnseclvl1\pnucrm\pnstart1\pnindent720\pnhang {\pntxta \dbch .}}{\*\pnseclvl2\pnucltr\pnstart1\pnindent720\pnhang {\pntxta \dbch .}}{\*\pnseclvl3\pndec\pnstart1\pnindent720\pnhang {\pntxta \dbch .}}{\*\pnseclvl4\pnlcltr\pnstart1\pnindent720\pnhang {\pntxta \dbch )}}{\*\pnseclvl5\pndec\pnstart1\pnindent720\pnhang {\pntxtb \dbch (}{\pntxta \dbch )}}{\*\pnseclvl6\pnlcltr\pnstart1\pnindent720\pnhang {\pntxtb \dbch (}{\pntxta \dbch )}}{\*\pnseclvl7\pnlcrm\pnstart1\pnindent720\pnhang {\pntxtb \dbch (} {\pntxta \dbch )}}{\*\pnseclvl8\pnlcltr\pnstart1\pnindent720\pnhang {\pntxtb \dbch (}{\pntxta \dbch )}}{\*\pnseclvl9\pnlcrm\pnstart1\pnindent720\pnhang {\pntxtb \dbch (}{\pntxta \dbch )}}\pard\plain \ltrpar\qj \li0\ri0\sl180\slmult0 \nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0\pararsid6493368 \rtlch\fcs1 \af0\afs24\alang1025 \ltrch\fcs0 \fs21\lang1033\langfe2052\kerning2\loch\af0\hich\af0\dbch\af13\cgrid\langnp1033\langfenp2052 {\rtlch\fcs1 \af0 \ltrch\fcs0 \insrsid6493368\charrsid1074055 \loch\af0\hich\af0\dbch\f13 \'a1\'a1\'a1\'a1}{\rtlch\fcs1 \af0 \ltrch\fcs0 \insrsid6493368\charrsid1074055 \par }\pard \ltrpar\qc \li0\ri0\sl180\slmult0\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0\pararsid1318786 {\rtlch\fcs1 \af0\afs36 \ltrch\fcs0 \b\fs36\insrsid1318786\charrsid1074055 \hich\af0\dbch\af13\loch\f0 ENDEVOR AUDIT PROGRAM \par }\pard \ltrpar\qj \li0\ri0\sl180\slmult0\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0\pararsid1074055 {\rtlch\fcs1 \af0 \ltrch\fcs0 \fs24\insrsid6493368\charrsid1074055 \loch\af0\hich\af0\dbch\f13 \'a3\'ba}{\rtlch\fcs1 \af0 \ltrch\fcs0 \fs24\insrsid6493368\charrsid1074055 \par }\pard \ltrpar\qc \li0\ri0\sl180\slmult0\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0\pararsid3869496 {\field{\*\fldinst {\rtlch\fcs1 \af0 \ltrch\fcs0 \fs24\insrsid1074055 \hich\af0\dbch\af13\loch\f0 \hich\af0\dbch\af13\loch\f0 HYPERLINK "http://www.downhi.com/"\hich\af0\dbch\af13\loch\f0 }{\rtlch\fcs1 \af0 \ltrch\fcs0 \fs24\insrsid13719882\charrsid1074055 {\*\datafield 00d0c9ea79f9bace118c8200aa004ba90b0200000003000000e0c9ea79f9bace118c8200aa004ba90b4600000068007400740070003a002f002f007700770077002e0064006f0077006e00680069002e0063006f006d002f000000795881f43b1d7f48af2c825dc485276300000000a5ab0000}}}{\fldrslt { \rtlch\fcs1 \af0 \ltrch\fcs0 \cs17\fs24\ul\cf2\insrsid3869496\charrsid1074055 \hich\af0\dbch\af13\loch\f0 http://www.nuokui.com/txt/MMaoFXSHOJZI.html}{\rtlch\fcs1 \af0 \ltrch\fcs0 \cs17\fs24\ul\cf2\insrsid6493368\charrsid1074055 \par }\pard \ltrpar\qj \li0\ri0\sl180\slmult0\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0\pararsid6493368 }}\pard\plain \ltrpar\qj \li0\ri0\sl180\slmult0 \nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0\pararsid6493368 \rtlch\fcs1 \af0\afs24\alang1025 \ltrch\fcs0 \fs21\lang1033\langfe2052\kerning2\loch\af0\hich\af0\dbch\af13\cgrid\langnp1033\langfenp2052 \sectd \linex0\headery851\footery992\colsx425\endnhere\sectlinegrid312\sectspecifyl\sectrsid6493368\sftnbj {\rtlch\fcs1 \af0 \ltrch\fcs0 \insrsid6493368\charrsid1074055 \par }{\rtlch\fcs1 \af0 \ltrch\fcs0 \insrsid6493368\charrsid1074055 \par }\pard \ltrpar\qj \li0\ri0\sl360\slmult1\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0\pararsid15866361 {\rtlch\fcs1 \af0 \ltrch\fcs0 \fs24\insrsid3869496\charrsid1074055 \hich\af0\dbch\af13\loch\f0 ENDEVOR AUDIT PROGRAM\par \par Contributed by Pamela Jerskey, Boston College\par (This audit program was created with special assistance and guidance from Connie\par Balodimos-Bank of Boston)\par \par I. BACKGROUND INFORMATION:\par \par I.1 Through interviews, note the current flow of change control including Stage I and Stage 2\par transactions. Identify and evaluate the specific steps an application must go through prior to\par being converted to Endevor.\par \par I.2 Determine the file name/names that contain the start-up /sysgen jobs for Endevor. \par Determine what files contain the defaults table, security table, and user exits. Determine what\par files contain the Master Control files. Determine what files contain Stage 1 and Stage 2 files; \par source and load files; and approval groups.\par \par I.3 Determine what release of Endevor is currently installed.\par \par I.4 Determine how many environments are defined.\par \par I.5 Identify the systems and sub-systems for each environment. \par \par I.6 Identify which systems and sub-systems go with which applications.\par \par I.7 Identify the Endevor System Administrators (via RLIST).\par \par I.8 Determine if dual approval is required. Determine what "quorum" is required for approvals. \par \par I.9 Determine if ESI (External Interface Security-RACF) is used. If not used, determine how\par Endevor is defined to RACF.\par \par I.10 Determine whether the signout override action would be reported. \par \par I.11 Determine whether the System Management Facility (SMF) security violation and activity\par reports are activated. Identify the review procedures for these reports. \par \par I.12 Determine whether the footprint (audit trail) reports are generated and reviewed.\par \par I http://www.nuokui.com/txt/MMaoFXSHOJZI.html .13 Since a programmer who makes a change has update access to the program while it is in\par Stage 1, determine when acceptance testing is performed. It should be performed after the\par package is cast.\par \par I.14 Endevor 3.5 does not move all components (e.g.; source, object, jcl) of a software change\par into production at the same time. Therefore, components which must be synchronized, may not\par be. Endevor release 3.6 will automatically ensure all components are present before the change\par can be moved into production. If 3.5 is currently utilized, what compensating factors are used.\par \par I.15 Identify who sets up users in the approval groups and specific Endevor actions. It should\par be Data Security and the application owner, respectively. A formal "request for access" form\par should be used. Identify and evaluate the procedures for maintaining the lists ( changes and\par terminations).\par \par I.16 All "packages" are stored in a package dataset. This dataset needs to be cleaned out\par periodically and production changes that have been successfully executed need to be deleted. \par Determine through interviews who is performing this task since they will have to be in the\par approval groups.\par \par II. SYSTEM GENERATION PARAMETERS:\par \par II.1 Start-up/Sysgen Jobs:\par \par II.1.1 Determine the job (BC1JDEFT) that contains the defaults table C1DEFLTS. This defines\par the system defaults and sysgen parameters. (Refer to Endevor/MVS Installation Guide, pp.\par 1-24-1-34).\par \par In job/member (BC1JDEFT), table C1DEFLTS, look for the following parameters:\par \par Under the TYPE=MAIN section:\par \par ACCSTBL=XXXXXXX tells you the name of the access security table. It must be\par defined if you are using external (RACF) security.\par \ http://www.nuokui.com/txt/MMaoFXSHOJZI.html par APRVFLG=Y tells you whether approval processing groups are required. Without it\par defined, dual control will not be system enforced.\par \par ESSI=#### where #### is some number. This is the control password. It must be\par defined if you are using ESI (external security interface-RACF) security.\par \par SITEID=0 is a one character name that identifies the site. This is used with the footprint. \par Therefore, any change in this may compromise the footprint. The footprint is the audit trail.\par \par SMFREC=##### tells you if you are capturing SMF information. If it is equal to zero,\par then you are not using SMF interface or capturing SMF records. \par \par PKGCSEC=Y tells you if package security is required. If it is not defined then there is\par no security checking when a package is cast.\par \par Under TYPE=ENVRNMNT section, for each environment, the following parameters\par should be defined:\par \par RSCETBL=XXXXXXXX defines those elements which can be accessed within each\par system and subsystem.\par If it is blank, then no security checking is performed. It must be defined if you are using\par ESI (External Interface Security-RACF).\par \par USERTBL=XXXXXXXXXX defines the systems and subsystems a user has access\par to for each environment. If it is blank, then no security checking is performed. It must be defined\par if you are using ESI (external Interface Security-RACF).\par \par SMFACT=YES and SMFSEC=YES tells you if you are using SMF to capture\par activity and security information, respectively. These must be defined for SMF action and\par security records to be written.\par \par STG1ME=xxx and STG2NME=yyy. If you are sharing files for differe http://www.nuokui.com/txt/MMaoFXSHOJZI.html nt environments,\par then each environment must have a unique stage 1 name (STG1NME) and a unique stage 2 name\par (STG2NME). Different environments should not share the same stage 1 or stage 2. These\par parameters define the Master control files for stage 1 and 2.\par \par II.1.2 Determine the job (BC1JNEQU) that contains the External Security Interface (ESI). \par It correlates RACF capabilities to Endevor actions. \par \par In job/member (BC1JNEQU?) look for the following parameters:\par \par In the FUNCEQU parameters, look at the SAFAUTH=xxxx and C1ACTNS=yyy,\par where xxx will identify the RACF capability and yyy will identify the Endevor action that it is\par related to. This will be used to review the RLIST FACILITY report from RACF Interface\par portion of this audit program. For example:\par \par FUNCEQU SAFAUTH=READ\par CIACTNS=(DISPLAY)\par This relates to the RACF READ capability. If a user has the RACF READ access, they\par can DISPLAY in Endevor.\par \par The NAMEQU section will define the naming convention for the facilities ( to be\par used with the RACF\par Interface section-RLIST section of this audit program). The L# tells you the position of the\par facility qualifier (e.g.: I1 is the first qualifier, L2 is the second, and so on). For example:\par \par NAMEQU FORMAT1,\par L1=('BKBAUTH'),\par L2=('ENDEVOR'),\par L3=('ENVIRON'),\par L4=(ENVIRONMENT),class='FACILITY'\par \par This tells us that the RACF RLIST class will be a facility. Anything in single quotes are\par printed literally (exactly as is); anything not in single quotes must be filled in. In th http://www.nuokui.com/txt/MMaoFXSHOJZI.html e above\par example, the facility naming convention for this one format is:\par \par BKBAUTH.ENDEVOR.ENVIRON.environment, where you must fill in the specific\par environment name. Any numbers in the parenthesis tell you character positions of the qualifiers\par [e.g.: L5=(system(1,3)].\par \par \par III. APPROVAL GROUPS\par \par (Refer to Chapter 5 of Endevor/MVS Administrator's Guide)\par \par Notes:\par \par "Quorum" refers to the number of approvers required to implement a change. Note,\par that is the quorum is one and the individuals also have access to make the change (via the RLIST\par facility) then they can also implement the change without dual control.\par \par If two approval groups are required and each has a quorum of one, then the total\par quorum is two and dual control is required.\par \par If a system requires an approval group and it has an asterisk * for subsystems, then all\par that system's bus-systems also require that approval group.\par \par You can't compare emergency (EM) approval groups and standard (ST) approval\par groups. They are separate.\par \par You will need (CONRPT10) Approval Group Definition Report to review. This\par report will show you who (userid) is in which approval group and the quorum for each group. If\par there is a quorum of 1 or 0, check CONRPT11 for dual control. You will need (CONRPT11)\par Approval Group Usage Report to review. This report will list for each\par environment/system/subsystem/type combination which approval groups are required. If dual\par control is not required, check CONRPT10 for specific quorum.\par \par III.1 Identify which environment/system/sub-system/type combinations require a total quorum of\par zero or one. Therefore, dual control is http://www.nuokui.com/txt/MMaoFXSHOJZI.html not required for implementing software changes.\par \par III.2 Determine whether emergency (EM) approval groups have a quorum of one and are able to\par MAKE any changes (via RACF RLIST facility). If so, they could implement software changes\par without dual control.\par \par III.3 Identify the environment/system/sub-system/type combinations which have quorums of one\par or zero for all of their approval groups. Determine if one user is in all of the approval groups. \par Determine if one user is in all of the approval groups for any one\par environment/system/sub-system/type combination. \par \par This person would then be able to approve the changes without requiring dual control.\par \par III.4 Identify the approval groups for each environment, system and sub-system. There should be\par approval group(s) for each application. Otherwise, dual control or approval would not be\par required to implement a program change. \par \par III.5 Endevor can require individuals in different approval groups to approve a change before it is\par moved into production. Therefore, a program change can require a technical approval. It can\par also require specific individuals to approve the change. Determine whether this feature is being\par used (i.e., Management Group).\par \par IV. SECURITY FEATURES:\par \par (Refer to Chapter 7 of Endevor/MVS Administrator's Guide)\par \par IV.1. Determine whether processors (e.g., compilers) have "Footprint=Create' and\par 'Monitor=Components' defined. The 'Footprint=Create' creates the footprint/audit trail. The\par 'Monitor=Components' allows users to inventory all parts/components of a program and find\par related code that may be affected by the program change. In order to do this test, you first must\par determine which file/files contains the processors. The using http://www.nuokui.com/txt/MMaoFXSHOJZI.html TSO, do a super search of all\par members in this file/files looking only for strings of G,F, or M (See attachment A).\par \par IV.2. Alternatively, instead of using a TSO super search, have MIS Librarian run JCL from\par Endevor to produce the processor list .\par \par IV.3. Determine whether package security (security in place during the 'create' through the\par 'commit' phases) is enabled for all environments. This will ensure that packages are properly\par protected from unauthorized access.\par \par V. FILE PROTECTIONS:\par \par V.1. Generate RACF LD/LG/LU reports and identify who has access to LOADLIB, CONLIB,\par NDVX.STAGE1 and NDVX.STAGE2 prefixed files. Only System Administrators should have\par UPDATE, ALTER OR CONTROL access. These files contain the: (1) Master Control File, (2)\par Stage 1 and Stage 2 files (3) Approval groups, (4) Source and load files, and (5) Security default\par and 'sysgen' tables.\par \par VI. RACF INTERFACE:\par \par VI.1. Determine whether users are restricted by Endevor actions. Identify which RACF actions\par (READ, UPDATE, ALTER, CONTROL) relate to which Endevor actions (DISPLAY, ADD,\par UPDATE, DELETE, MOVE< SIGNOUT< OVERRIDE, ENVIRONMENT MANAGER). Do\par this by looking at the FUNCEQU parameter in job BC1JNEQU. (See p.4, Section II.1.2). This\par correlates the RACF access capabilities to Endevor actions. For example:\par \par FUNCEQU SAFAUTH=READ\par CIACTNS=(DISPLAY)\par This relates to the RACF READ capability. If a user has the RACF READ access, they\par can DISPLAY in Endevor.\par \par VI.2. Determine the naming convention for the facilities by looking at the NAMEQU parameter\par of the BC1JNEQU (See p.4, Section II.1.2.).\par '\par VI.3. Identify who has access to wha http://www.nuokui.com/txt/MMaoFXSHOJZI.html t environments, systems, sub-systems and types. To do this,\par execute the TSO command in batch:\par \par SEARCH CLASS(FACILITY) MASK(BKAUTH.ENDEVOR)\par \par This will generate a listing of facilities that are prefixed with BKAUTH.ENDEVOR (use the\par naming convention for your environment).\par \par Edit the output generated above and extract all the facility names to be used below. Execute\par the TSO command in the batch:\par \par RLIST FACILITY name-facility-from-above ALL\par \par This will give you the RACF RLIST protections over environments, systems, sub-systems,\par and types. To translate which facility relates to which environment, system, sub-system and type,\par refer to the SYSGEN section of the audit program.\par \par The type of RACF access a user has (e.g., READ, UPDATE, ALTER or CONTROL) will\par determine what that user can do in that environment, system, sub-system and type. For the\par correlation of RACF capabilities to Endevor functions refer to Step 1 above and the SYSGEN\par section of the audit program.\par \par VI.4. Identify who can perform sensitive functions, such as:\par \par VI.4.a. The SIGNOUT OVERRIDE: This releases the lock on a program. This override\par parameter defaults to the most recent on-line use and can be hard-coded into a batch job. \par Therefore, a signout override may occur without the individual realizing it, and the original\par programmer would only know that the code was released when he/she tried to add it to stage 1. \par Additionally, necessary program changes may be lost and confusion may result as to which\par version is actually in production. Only application program management should be able to\par override a signout. Override procedures, implications and consequences should be do http://www.nuokui.com/txt/MMaoFXSHOJZI.html cumented.\par \par VI.4.b. ENVIRONMENT MANAGER should be reserved for the Endevor administrators.\par \par VII. EXITS:\par \par If the native security facility of Endevor is used, Exit 1 will be called each time Endevor/MVS\par finishes a security check. Before performing a requested action, Endevor/MVS checks against the\par access security table, user security table and resource security table to determine whether the user\par is authorized to perform the action.\par \par VII.1. Verify that Exit 1 is operational by reviewing that a Y value is in the ECBINTNL field of\par the Exit Control Block field (equate is ECB$YES).\par \par VIII. BACKUP:\par \par VIII.1 Determine that Endevor/MVS files are regularly backed up. What is the Regularity of\par backup?\par \par \par ATTACHMENT A\par ENDEVOR/MVS IMPLEMENTATION STRATEGY\par \par PROCESSOR NAMES:\par \par POSITION 1-PROCESSOR TYPE\par G=GENERATE D=DELETE M=MOVE\par \par POSITION2-4 LANGUAGE TYPE OR UTILITY\par ASM=ASSEMBLER\par CLI=CLIST\par COB=COBOL\par DAT=DATA (DOCUMENTATION)\par EAS=EASYTRIEVE\par FOR=FORTRAN \par JCL=JCL\par LEC=LINK EDIT CONTROL CARDS\par LOD=LOAD\par OBJ=OBJECT\par PLI=PLI\par RPG=RPG\par TEL=TELON\par TRA=TRANSFORM\par \par POSITION 5 DATABASE ENVIRONMENT\par D=DB2 S=IDMS\par http://www.nuokui.com/txt/MMaoFXSHOJZI.html I=IMS N=NONE\par \par POSITION6-OPERATING ENVIRONMENT\par B=BATCH C=CICS\par D=IDMS-DC I=IMS-DC\par N=NONE\par \par POSITION 7-OUTPUT TYPE\par I=IMPACT ANALYSIS SCL\par L=LOAD MODULE\par K=NCAL LOAD MODULE\par O=OBJECT\par P=PDS\par R=REPORT(S)\par N=NONE\par \par POSITION 8-STAGE ID}{ \rtlch\fcs1 \af0 \ltrch\fcs0 \fs24\insrsid6493368\charrsid1074055 \par }\pard \ltrpar\qj \li0\ri0\sl180\slmult0\nowidctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0\pararsid6493368 {\rtlch\fcs1 \af0 \ltrch\fcs0 \insrsid1074055 \par \par \par }{\rtlch\fcs1 \af0\afs30 \ltrch\fcs0 \fs30\cf17\dbch\af18\insrsid1074055\charrsid1074055 \hich\af0\dbch\af18\loch\f0 Free Document Search Engine. support all pdf,DOC,PPT,RTF,XLS,TXT\hich\af0\dbch\af18\loch\f0 ,Ebook! \hich\af0\dbch\af18\loch\f0 F \hich\af0\dbch\af18\loch\f0 ree\hich\af0\dbch\af18\loch\f0 \hich\af0\dbch\af18\loch\f0 download! You can search all kind of documents!}{\rtlch\fcs1 \af0\afs30 \ltrch\fcs0 \fs30\cf17\dbch\af18\insrsid6493368\charrsid1074055 \hich\af0\dbch\af18\loch\f0 }{ \rtlch\fcs1 \af0\afs30 \ltrch\fcs0 \fs30\cf17\insrsid1074055\charrsid1074055 \par }{\field\fldedit{\*\fldinst {\rtlch\fcs1 \af0\afs28 \ltrch\fcs0 \fs28\cf11\insrsid14892288\charrsid1074055 \hich\af0\dbch\af13\loch\f0 HYPERLINK "http://www.downhi.com/"}{\rtlch\fcs1 \af0\afs28 \ltrch\fcs0 \fs28\cf11\insrsid10707375\charrsid1074055 {\*\datafield 00d0c9ea79f9bace118c8200aa004ba90b0200000003000000e0c9ea79f9bace118c8200aa004ba90b4e00000068007400740070003a002f002f00770065006e00640061006e0067002e0064006f00630073006f0075002e0063006f006d002f000000795881f43b1d7f48af2c825dc485276300000000a5ab0000000000}} }{\fldrslt {\rtlch\fcs1 \af0\afs28 \ltrch\fcs0 \cs17\fs28\ul\cf2\insrsid14892288\charrsid1074055 \hich\af0\dbch\af13\loch\f0 http://www.downhi.com/}}}\sectd \linex0\headery851\footery992\colsx425\endnhere\sectlinegrid312\sectspecifyl\sectrsid6493368\sftnbj {\rtlch\fcs1 \af0\afs28 \ltrch\fcs0 \fs28\cf11\insrsid6493368\charrsid1074055 \par }{\rtlch\fcs1 \af0\afs28 \ltrch\fcs0 \fs28\cf11\insrsid15098623\charrsid1074055 \par }}