Implementing SAF-rule controlled auditing

Use the checklist shown here to implement SAF-rule controlled auditing:

1. Determine the FACILITY and XFACILIT class profiles required to control FM/IMS audit logging at your installation. The information provided in this section should help you to do that:
   • Understanding how SAF controls FM/IMS audit logging.
2. Determine which level of access to these profiles your users will require to meet the audit logging requirements at your installation. The information provided in these sections should help you to do that:
   • Controlling where FM/IMS writes audit log records.
   • Controlling whether an audit trail is created.
   • Controlling if users can request an audit trail when one is not required (Edit function only).
3. Define the required profiles to RACF® or your equivalent security product and provide users with the required access to these profiles. The information provided in these sections describes how you do this when using RACF®:
   • FILEM.AUDIT1.ssid.TOSMF.
   • FILEM.AUDIT1.ssid.TODSN.
   • FILEM.AUDIT1.ssid.fc.db..
   • FILEM.AUDIT1.ssid.OPTION.

   If you use another security product, consult the documentation for your product.

4. Activate SAF-rule controlled auditing for the user IDs that you intend to use in Step 5. The information provided in these sections describe how you do that:
   • SAF-controlled auditing for File Manager IMS component.
   • FM/IMS options specified in FMN1PARM.
5. Test your configuration to ensure that audit logging occurs when, and only when, it is required.
6. When you are satisfied that FM/IMS audit logging is only occurring when it should, activate SAF controlled audit logging for all FM/IMS users. The information provided in these sections describe how you do that:
   • SAF-controlled auditing for File Manager IMS component.
   • FM/IMS options specified in FMN1PARM.