Protect the journal by ensuring that a RACF DATASET profile protects it. To prevent inadvertent updates to the journal, specify a RACF universal access of NONE. Give READ access only to users that are authorized to perform functions independent of the subsystem, such as restoring and reorganizing the control data set. Give UPDATE access to the RACF user ID assigned to the DFSMSrmm procedure in Step 9: Assigning DFSMSrmm a RACF user ID.