Using RACF to secure commands
To control which users can issue controlled commands, define controlled commands to RACF® as CIMS class, and grant authorization to RACF-defined users or groups of users.
You can use SMF logging to track the successes and failures of command authorization. Using RACF, request auditing capabilities for your command security profiles.