Interskill Mainframe Training Newsletter - June ´18
Interskill Mainframe Training Newsletter - April ´17
Interskill Mainframe Training Newsletter - August ´16
Past Issues

Mainframe Links
Mainframe Facts - Did you know?


More facts...

Course Catalog » Security Curriculum » RACF - z/OS Security Server RACF V2.4 Series

RACF - For Auditors 2.4

4 hours



The "RACF - For Auditors" course describes the various types of data center audits and discusses the role of an internal auditor when performing a RACF audit. It expands this to look at the general steps to ensure that RACF managed security is aligned with both organizational security standards, and external compliance regulations. RACF auditor privileges are discussed in detail describing how audit information is stored and the commands used to request the capture of specific events. The type of data that can be unloaded from SMF, and the RACF database, is explained along with details on how ICETOOL can be used to process this information to create audit reports.


Security administrators, and IT auditors who are responsible for auditing the RACF environment. System programmers would also benefit from this course, giving them a better understanding of audit requirements from a RACF perspective.


Successful completion of all other RACF courses in this curriculum, or equivalent knowledge.


After completing this course, the student should be able to:

  • Identify general processes when undertaking a RACF audit
  • Identify RACF Auditor roles
  • Describe general RACF auditing controls
  • Describe how RACF information is logged
  • Describe how the SMF dump utility is used to extract RACF records
  • Run the IRRDBU00 utility to unload the RACF database
  • Run ICETOOL jobs to create reports from unloaded data

Course Content

Introduction to RACF Auditing

Why a RACF audit is required

Internal and External audits

Tools to assist you with a RACF audit

Audit certification opportunities

Technical skills and knowledge to perform a RACF audit

The RACF auditing process

RACF Auditing Controls and Options

RACF audit roles

Assigning Auditor privileges

Logging of security-related events

Owner-controlled and Auditor-controlled logging

AUDIT and NOAUDIT controls

Using LOGOPTIONS to define what is logged

Logging command violations


Auditing z/OS UNIX

RACF Audit Data and ICETOOL

RACF SMF record types

IRRADU00 utility

Sorting unloaded SMF data

Creating XML data from unloaded SMF records

Unloading RACF database content

Creating ICETOOL reports

Invoking the RACFICE procedure

Pre-defined ICETOOL reports

Creating a customized ICETOOL report

RACF - For Auditors 2.4 Mastery Test

Course Catalog » Security Curriculum » RACF - z/OS Security Server RACF V2.4 Series
  © All rights reserved. Interskill Learning Pty Ltd.
  HomeAbout UsProductsDemonstrationCourse CatalogContact UsSite Map
      Interskill IBM