ISACA New York Metropolitan Chapter

Security and Audit of MVS, RACF, ACF2, CICS and DB2

Presented by Stu Henderson, The Henderson Group






 

     This comprehensive class in mainframe auditing shows you how to audit the MVS operating system and some of the key software associated with it, including the RACF and ACF2 security software, the CICS transaction manager, and the DB2 database manager. These are all essential components to a z/OS system.

     This class shows you how the software works, how its security works, and how to audit it. It explains the three hardware controls which form the basis of all MVS security, how MVS uses the hardware controls, and why IBM gave us backdoors to these controls. You will learn how security software such as RACF and ACF2 works, and how they are dependent upon effective MVS security. You will learn how CICS works and how it relies on both MVS security and security software. The class covers DB2 as well, showing you how it works on the mainframe, and how its security works.

     You will learn a systematic approach to auditing all this, and to making practical, recommendations for improvement in security for z/OS, including MVS and its associated system software. You will learn:

•  How MVS security works and why there are backdoors

•  How the hardware controls work, what backdoors exist, and how to find them

•  How RACF and ACF2 work and how they fit the MVS security model

•  How CICS works and how it uses tools like RACF and ACF2 for its security

•  How DB2 works and how its security works

•  What data to collect and how to interpret it

•  How to conduct the audit, from planning and scoping through follow-up

•  What all the related buzzwords and acronyms mean

•  How to conduct the audit rapidly and efficiently, with maximum benefit to your organization

•  The workbook is a valuable reference, and includes complete audit programs.


Details:

Dates:          November 15, 16, 17

Location:     Saint Johns University, Manhattan Campus

                     101 Murray Street

                     New York, NY

Directions:  http://new.stjohns.edu/about/directions/directions/manhattan

CPEs:          21 CPEs will be given for attending this course

*ALL ATTENDEES MUST BE PRE-REGISTERED - NO WALK-INS ALLOWED*

TO RESERVE A SEAT, YOU MAY CONTACT:

Patrick Grant at pgrant@bankofny.com or 212 635-7473 or

Peter Kane at pkane@cablevision.com or 516-803-2251

 

  
Copyright © 2002 Information Systems Audit and Control Association (ISACA™). All rights reserved.

Last updated November 17, 2005 4:40 PM