Setting up the auditing function for system values helps you to track the changed values on the system.
- Security system values follow recommended guidelines.
To print the security system values, type:
WRKSYSVAL *SEC OUTPUT(*PRINT). Two important system values to audit are:
Note: If the auditing function is active, an SV entry is written to the QAUDJRN journal whenever a system value is changed.
- QSECURITY, which should be set to 40 or higher.
- QMAXSIGN, which should not be greater than 5.
- Use the Display Security Attributes (DSPSECA) command to verify the current and pending values of QSECURITY (security level) and QPWDLVL (password level), and the current setting of the security related system (whether the values can be changed).
- Review decisions about system values periodically. This is particularly important when the system environment changes, such as the installation of new applications or a communications network.