Checklist Summary:

This document provides prescriptive guidance for establishing a secure configuration posture for IBM® z/OS® V2R5. This benchmark assumes that the client is using IBM RACF® as their external security manager (ESM). This benchmark references the STIGs quite frequently from https://public.cyber.mil/stigs/ . Where appropriate, direct reference to the specific STIGs has been documented. Refer to https://www.ibm.com/legal/copytrade for listing of United States trademarks owned by IBM and related information. UNIX is a registered trademark of The Open Group in the United States and other countries To obtain the latest version of this guide, please visit http://workbench.cisecurity.org. If you have questions, comments, or have identified ways to improve this guide, please write us at feedback@cisecurity.org.

Checklist Role:

• Server Operating System

Known Issues:

Not provided.

Target Audience:

This benchmark is intended for system and application administrators, security specialists, auditors and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate IBM z/OS.

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Not provided.

Product Support:

Not provided.

Point of Contact:

feedback@cisecurity.org

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

new checklist - 2/28/24
updated status to FINAL - 3/28/24

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 03/28/2024