Define PCI PAN and PCI AUTH data sets, users, and groups (SE.A.P)

Use this option to define Payment Card Industry primary account numbers (PCI PAN) and sensitive authentication data (PCI AUTH) data sets and privileged users and groups who are authorized to access these data sets.

The following panel is displayed:
Figure 1. Alert - PCI panel
  Menu         Options       Info    Commands     Setup             
------------------------------------------------------------------------------
                         zSecure Suite - Alert - PCI                  
Command ===> _________________________________________________________________ 

Select library for PCI members                     
1  1. Use Alert library 'C2POLICE.C2PCUST' 
   2. Use Audit library 'AUDIT.CKACUST'    
                                                                               
Enter / to edit member                                                         
_  PCI-DSS sensitive data sets                                                 
_  Privileged users and groups for PCI PAN data sets                           
_  Privileged users and groups for clear text PCI PAN data sets                     
_  Privileged users and groups for PCI AUTH data sets
For changed members, the changes become active after a refresh of the zAlert started task (the F line command on the SE.A.A panel) or after an environment refresh.

If only a C2PCUST data set is available, the members will be saved there. If both C2PCUST and CKACUST libraries are available, you can use option Select library for PCI members to indicate which library to use.

If an alert configuration is created for another system and the PCI data sets and privileged users/groups are the same as for the current system, you can share the C2PCUST or CKACUST data set you selected.

If the PCI data sets and/or privileged user/groups for the configurations are not identical, then:
  1. Create a new CKACUST library with SCKRSAMP job CKAZCUST.
  2. Start the User Interface with the newly created CKACUST in your parameter member (default C2R$PARM).
  3. Edit the members with option SE.A.P.
  4. Complete the configuration with SE.A.A.

The following options are available:

PCI-DSS sensitive data sets
Starts an edit session for member CLASSIFY which can contain SIMULATE SENSITIVE statements. For more informaton, see SENSITIVY=Site<text> for the SIMULATE command in zSecure CARLa Command Language. This member is exploited by alerts 1209, 1210, and 1211 for RACF®, and by alerts 2209, 2210, and 2211 for ACF2.
Privileged users and groups for PCI PAN data sets
Starts an edit session for member PCIPAN. This member can be used to enter a list of privileged users and groups for which the alert should not be generated. This member is exploited by alerts 1209 for RACF and 2209 for ACF2.
Privileged users and groups for clear text PCI PAN data sets
Starts an edit session for member PCIPANCL. This member can be used to enter a list of privileged users and groups for which the alert should not be generated. This member is exploited by alerts 1210 for RACF and 2210 for ACF2.
Privileged users and groups for PCI AUTH data sets
Starts an edit session for member PCIAUTH. This member can be used to enter a list of privileged users and groups for which the alert should not be generated. This member is exploited by alerts 1211 for RACF and 2211 for ACF2.