z/TPF security compliance and cryptographic inventory

The z/TPF system collects several pieces of security compliance and cryptographic inventory information that can be displayed and supplied to an auditor.

Information about network security, database encryption, and applications that use secure keys in production is automatically collected and does not require any configuration to set up. You can scan your application source code with the provided instructions to find the following information:

Additional secure key usage that exists but was not run in production
The use of clear crypto keys, digital signatures, digest algorithms, and hash algorithms