The RACF SETRACF Command Is Always Audited

The RACF SETRACF command activates or deactivates RACF protection over your z/VM configuration. Any administrator can enter the SETRACF command, but only from a RACF service machine.

Because this command has great significance for the security of your system, RACF automatically audits the SETRACF command.