Checklist Summary:

This standard provides the baseline security requirements for IBM i systems. An owner must be designated for IBM i electronic information assets, including the programs and the data labeled as Confidential or Highly Restricted as defined by the company’s data classification. The owner must designate an administrator who is responsible for the secure configuration and maintenance. Privileges to modify the functionality and services supported by the IBM i must be restricted to the administrator and approved by the IBM i owner. Roles and responsibilities on the IBM i must be clearly defined and documented, and address system, application and data security and operational responsibilities. Roles must include resource owners who are responsible for ensuring that appropriate security controls are defined, implemented, and maintained, and are ultimately accountable for security, access and performance on their designated resource. Development and production roles and responsibilities must be kept separate to ensure an appropriate segregation of duties. Security administration and/or audit roles and responsibilities should be defined to provide validation of activities performed by the administrators and other privileged users.

Checklist Role:

• Operating System

Known Issues:

Not provided.

Target Audience:

These standards apply to all applications, databases and connections to the IBM i.

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Not provided.

Product Support:

Not provided.

Point of Contact:

feedback@cisecurity.org

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

new checklist - 3/1/24
Candidate to Final - 4/19/24

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 04/19/2024