Weekly audit reports, including delta reports for RACF Database

Situation:
Today, regulatory compliance is a very big issue. To keep in line with the laws and regulations governing the industry, the security policy of company X stipulates that the auditor must check important RACF settings every week. Not only that, the reports that the auditor submits must also show which changes have been made compared with the week before.

Complications:
RACF data is changing all the time. Users come and go, tasks and the authorizations they require change, access rights to resources are revoked and resumed. Analyses made using the live RACF dataset could present a false picture; RACF data may have changed several times between one week and the next, and thus between one audit analysis and the next. The auditor can only compare different generations of RACF data by making copies.

Solution:
The auditor has to make a copy of the RACF database at the appropriate time, for example, by saving the RACF data in DB2. Evaluations and analyses can be made using the means provided by the selected database system.
The ideal solution is offered by Beta 88 zSecurity Administrator and Beta 88 zSecurity Auditor. Beta 88 always works with a synchronized copy of all RACF data. However, RACF data can also be loaded into non-synchronized copies and frozen into generations, as many as 25 of them. Here, RACF data is always available for audit, and it goes without saying that all the generations can be compared and the differences reported.