IBM Health Checker for z/OS for CICS security
Checking and reporting of key security configuration settings in CICS® regions identifies configuration issues, potential compliance exposures, and enables simpler auditing.
For an overview of this capability, including information on excluding certain health checks, see Auditing CICS configuration with IBM Health Checker for z/OS.
Set up for health checks
No configuration is necessary within CICS to run the health checks.
See IBM Health Checker for z/OS User's Guide for further details on how to use and configure the IBM Health Checker for z/OS.
CICS region tagging can be used to manage the CICS health checks that are excluded from running. For example, you might have a development or sandbox region that you do not want checked to prevent false positives. You can identify such regions based on the assigned APPLID, region user name, or job name and exclude them from all CICS health checks. You might also want to exclude specific health checks from running for all regions. For more information, see Classifying CICS regions with region tagging.
To review the details of the Health Check output, use the TSO SDSF CK command. For more information, see Health Check panel (CK) in z/OS documentation.