Midrange and Mainframe systems for Security Policies compliance control Tool

The goal of this document, within the scope of the practical exam for the GSEC1 SANS2 option 2, is to present a solution for a Company, in order to be able to manage and apply computing security rules on Mainframe and Midrange systems, as well as Facilities Management systems complying with other security rules, specific to customers. With the help of a tool accepting the OS platform Z/OS MVS3, Z/OS VM, OS4004 and the security product: RACF5, ACF26, CA TSS7. This tool runs on a law table applicable on any computing system, or a set of systems, or a particular system. The tool creates executable commands on various systems managed by the tool, in order to have the security rules applied. Sending of controls by mail to the various individuals affected to their job, using an addressee table. As well as a part of the controls validation by ISPF/TSO8 chosen within the tool.