A fix is available
APAR status
Closed as new function.
Error description
zSecure Audit support for: z/OS RACF STIG V9R7 and z/OS TSS STIG V9R7.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: Users of zSecure Compliance Testing * * Framework. * **************************************************************** * PROBLEM DESCRIPTION: Update to support CIS IBM CICS * * Transaction Server Benchmark 1.1.0. * * This standard is available only if your * * organization has a license for zSecure * * Compliance or Z Security and Compliance * * Center. * * * * Support for the following controls is * * added: * * * * o CIS-CICS-1.1.1 Ensure that RACF * * changes are accepted * * immediately * * o CIS-CICS-1.2.1 Ensure that only * * authorized users can * * run transactions * * o CIS-CICS-1.2.2 Ensure that only * * authorized users can * * access resources * * o CIS-CICS-1.3.1 Ensure that SIT * * parameter SEC=YES is * * set in all regions * * o CIS-CICS-1.4.1 Ensure that only * * authorized users can * * issue SPI commands * * o CIS-CICS-1.4.2 Ensure that a user * * requires * * authorization to * * start work under a * * different userid * * o CIS-CICS-2.1.1 Ensure that passwords * * are redacted in line * * traces * * o CIS-CICS-3.1.1 Ensure that no * * unencrypted IP * * connections use * * BASICAUTH * * * * Update to support z/OS STIG: * * * * o IBM z/OS RACF Version 9, Release: 07 * * o IBM z/OS TSS Version 9, Release: 07 * * * * Update to support the following z/OS * * Products STIG for RACF: * * * * o z/OS BMC CONTROL-D STIG for RACF * * Version 7, Release: 02 * * o z/OS BMC CONTROL-M/Restart for RACF * * Version 7, Release: 02 * * o z/OS BMC CONTROL-M STIG for RACF * * Version 7, Release: 02 * * o z/OS BMC CONTROL-O STIG for RACF * * Version 7, Release: 02 * * o z/OS BMC Integrated Operations * * Architecture (IOA) STIG for RACF * * Version 7, Release: 02 * * o z/OS BMC MainView Systems Management * * STIG for RACF Version 7, Release: 02 * * o z/OS CA Auditor STIG for RACF * * Version 7, Release: 02 * * o z/OS CA Common Services STIG for * * RACF Version 7, Release: 02 * * o z/OS CA Management Information * * Control System (MICS) Resource * * Management STIG for RACF Version 7, * * Release: 02 * * o z/OS CA Multi-image Manager (MIM) * * Resource Sharing STIG for RACF * * Version 7, Release: 02 * * o z/OS CA Roscoe Interactive * * Environment STIG for RACF Version 7, * * Release: 02 * * o z/OS CA Vtape Virtual Tape System * * STIG for RACF Version 7, Release: 02 * * o z/OS CA 1 Tape Management STIG for * * RACF Version 7, Release: 02 * * o z/OS Catalog Solutions STIG for RACF * * Version 7, Release: 02 * * o z/OS Compuware Abend-AID STIG for * * RACF Version 7, Release: 02 * * o z/OS Fast Dump Restore (FDR) STIG * * for RACF Version 7, Release: 02 * * o z/OS Front End Processor (FEP) STIG * * for RACF Version 7, Release: 02 * * o z/OS IBM CL/SuperSession STIG for * * RACF Version 7, Release: 02 * * o z/OS IBM Customer Information * * Control System (CICS) Transaction * * Server STIG for RACF Version 7, * * Release: 02 * * o z/OS IBM Hardware Configuration * * Definition (HCD) STIG for RACF * * Version 7, Release: 02 * * o z/OS IBM MQ STIG for RACF Version 7, * * Release: 03 * * o z/OS IBM System Display and Search * * Facility (SDSF) STIG for RACF * * Version 7, Release: 02 * * o z/OS IBM Tivoli® Asset Discovery * * (TADz) STIG for RACF Version 7, * * Release: 02 * * o z/OS IBM Transparent Data Migration * * Facility (TDMF) STIG for RACF * * Version 7, Release: 02 * * o z/OS IBM WebSphere® Application * * Server (WAS) STIG for RACF * * Version 7, Release: 02 * * o z/OS Quest NC-Pass STIG for RACF * * Version 7, Release: 02 * * o IBM Z® NetView for RACF Version 7, * * Release: 02 * * o z/OS SRRAUDIT STIG for RACF * * Version 7, Release: 02 * * o z/OS Vanguard Security Solutions * * (VSS) STIG for RACF Version 7, * * Release: 02 * * * * Update to support the following z/OS * * Products STIG for Top Secret (TSS): * * * * o z/OS BMC CONTROL-D STIG for TSS * * Version 7, Release: 02 * * o z/OS BMC CONTROL-M/Restart for TSS * * Version 7, Release: 02 * * o z/OS BMC CONTROL-M STIG for TSS * * Version 7, Release: 02 * * o z/OS BMC CONTROL-O STIG for TSS * * Version 7, Release: 02 * * o z/OS BMC Integrated Operations * * Architecture (IOA) STIG for TSS * * Version 7, Release: 02 * * o z/OS BMC MainView Systems Management * * TSS for ACF2 Version 7, Release: 02 * * o z/OS CA Auditor STIG for TSS * * Version 7, Release: 02 * * o z/OS CA Common Services STIG for * * TSS Version 7, Release: 02 * * o z/OS CA Management Information * * Control System (MICS) Resource * * Management STIG for TSS Version 7, * * Release: 02 * * o z/OS CA Multi-image Manager (MIM) * * Resource Sharing STIG for TSS * * Version 7, Release: 02 * * o z/OS CA Roscoe Interactive * * Environment STIG for TSS Version 7, * * Release: 02 * * o z/OS CA Vtape Virtual Tape System * * STIG for TSS Version 7, Release: 02 * * o z/OS CA 1 Tape Management STIG for * * TSS Version 7, Release: 02 * * o z/OS Catalog Solutions STIG for TSS * * Version 7, Release: 02 * * o z/OS Compuware Abend-AID STIG for * * TSS Version 7, Release: 02 * * o z/OS Fast Dump Restore (FDR) STIG * * for TSS Version 7, Release: 02 * * o z/OS Front End Processor (FEP) STIG * * for TSS Version 7, Release: 02 * * o z/OS IBM CL/SuperSession STIG for * * TSS Version 7, Release: 02 * * o z/OS IBM Customer Information * * Control System (CICS) Transaction * * Server STIG for TSS Version 7, * * Release: 02 * * o z/OS IBM Hardware Configuration * * Definition (HCD) STIG for TSS * * Version 7, Release: 02 * * o z/OS IBM MQ STIG for TSS Version 7, * * Release: 02 * * o z/OS IBM System Display and Search * * Facility (SDSF) STIG for TSS * * Version 7, Release: 02 * * o z/OS IBM Tivoli® Asset Discovery * * (TADz) STIG for TSS Version 7, * * Release: 02 * * o z/OS IBM Transparent Data Migration * * Facility (TDMF) STIG for TSS * * Version 7, Release: 02 * * o z/OS IBM WebSphere® Application * * Server (WAS) STIG for TSS Version 7, * * Release: 02 * * o z/OS Quest NC-Pass STIG for TSS * * Version 7, Release: 02 * * o IBM Z® NetView for TSS Version 7, * * Release: 02 * * o z/OS SRRAUDIT STIG for TSS * * Version 7, Release: 02 * **************************************************************** * RECOMMENDATION: Apply the PTF provided and review * * documentation updates. * **************************************************************** The fix for this APAR provides support for: CIS IBM CICS Transaction Server Benchmark 1.1.0. This standard is available only if your organization has a license for zSecure Compliance or Z Security and Compliance Center. The fix for this APAR provides support for z/OS STIG: o IBM z/OS RACF Version 9, Release: 07 o IBM z/OS TSS Version 9, Release: 07 The fix for this APAR provides support for the following z/OS Products STIG for RACF: o z/OS BMC CONTROL-D STIG for RACF Version 7, Release: 02 o z/OS BMC CONTROL-M/Restart for RACF Version 7, Release: 02 o z/OS BMC CONTROL-M STIG for RACF Version 7, Release: 02 o z/OS BMC CONTROL-O STIG for RACF Version 7, Release: 02 o z/OS BMC Integrated Operations Architecture (IOA) STIG for RACF Version 7, Release: 02 o z/OS BMC MainView Systems Management STIG for RACF Version 7, Release: 02 o z/OS CA Auditor STIG for RACF Version 7, Release: 02 o z/OS CA Common Services STIG for RACF Version 7, Release: 02 o z/OS CA Management Information Control System (MICS) Resource Management STIG for RACF Version 7, Release: 02 o z/OS CA Multi-image Manager (MIM) Resource Sharing STIG for RACF Version 7, Release: 02 o z/OS CA Roscoe Interactive Environment STIG for RACF Version 7, Release: 02 o z/OS CA Vtape Virtual Tape System STIG for RACF Version 7, Release: 02 o z/OS CA 1 Tape Management STIG for RACF Version 7, Release: 02 o z/OS Catalog Solutions STIG for RACF Version 7, Release: 02 o z/OS Compuware Abend-AID STIG for RACF Version 7, Release: 02 o z/OS Fast Dump Restore (FDR) STIG for RACF Version 7, Release: 02 o z/OS Front End Processor (FEP) STIG for RACF Version 7, Release: 02 o z/OS IBM CL/SuperSession STIG for RACF Version 7, Release: 02 o z/OS IBM Customer Information Control System (CICS) Transaction Server STIG for RACF Version 7, Release: 02 o z/OS IBM Hardware Configuration Definition (HCD) STIG for RACF Version 7, Release: 02 o z/OS IBM MQ STIG for RACF Version 7, Release: 03 o z/OS IBM System Display and Search Facility (SDSF) STIG for RACF Version 7, Release: 02 o z/OS IBM Tivoli® Asset Discovery (TADz) STIG for RACF Version 7, Release: 02 o z/OS IBM Transparent Data Migration Facility (TDMF) STIG for RACF Version 7, Release: 02 o z/OS IBM WebSphere® Application Server (WAS) STIG for RACF Version 7, Release: 02 o z/OS Quest NC-Pass STIG for RACF Version 7, Release: 02 o IBM Z® NetView for RACF Version 7, Release: 02 o z/OS SRRAUDIT STIG for RACF Version 7, Release: 02 o z/OS Vanguard Security Solutions (VSS) STIG for RACF Version 7, Release: 02 The fix for this APAR provides support for the following z/OS Products STIG for Top Secret (TSS): o z/OS BMC CONTROL-D STIG for TSS Version 7, Release: 02 o z/OS BMC CONTROL-M/Restart for TSS Version 7, Release: 02 o z/OS BMC CONTROL-M STIG for TSS Version 7, Release: 02 o z/OS BMC CONTROL-O STIG for TSS Version 7, Release: 02 o z/OS BMC Integrated Operations Architecture (IOA) STIG for TSS Version 7, Release: 02 o z/OS BMC MainView Systems Management TSS for ACF2 Version 7, Release: 02 o z/OS CA Auditor STIG for TSS Version 7, Release: 02 o z/OS CA Common Services STIG for TSS Version 7, Release: 02 o z/OS CA Management Information Control System (MICS) Resource Management STIG for TSS Version 7, Release: 02 o z/OS CA Multi-image Manager (MIM) Resource Sharing STIG for TSS Version 7, Release: 02 o z/OS CA Roscoe Interactive Environment STIG for TSS Version 7, Release: 02 o z/OS CA Vtape Virtual Tape System STIG for TSS Version 7, Release: 02 o z/OS CA 1 Tape Management STIG for TSS Version 7, Release: 02 o z/OS Catalog Solutions STIG for TSS Version 7, Release: 02 o z/OS Compuware Abend-AID STIG for TSS Version 7, Release: 02 o z/OS Fast Dump Restore (FDR) STIG for TSS Version 7, Release: 02 o z/OS Front End Processor (FEP) STIG for TSS Version 7, Release: 02 o z/OS IBM CL/SuperSession STIG for TSS Version 7, Release: 02 o z/OS IBM Customer Information Control System (CICS) Transaction Server STIG for TSS Version 7, Release: 02 o z/OS IBM Hardware Configuration Definition (HCD) STIG for TSS Version 7, Release: 02 o z/OS IBM MQ STIG for TSS Version 7, Release: 02 o z/OS IBM System Display and Search Facility (SDSF) STIG for TSS Version 7, Release: 02 o z/OS IBM Tivoli® Asset Discovery (TADz) STIG for TSS Version 7, Release: 02 o z/OS IBM Transparent Data Migration Facility (TDMF) STIG for TSS Version 7, Release: 02 o z/OS IBM WebSphere® Application Server (WAS) STIG for TSS Version 7, Release: 02 o z/OS Quest NC-Pass STIG for TSS Version 7, Release: 02 o IBM Z® NetView for TSS Version 7, Release: 02 o z/OS SRRAUDIT STIG for TSS Version 7, Release: 02
Problem conclusion
Temporary fix
Comments
APAR Information
APAR number
OA69137
Reported component name
ZSEC BASE,ADMIN
Reported component ID
5655T0100
Reported release
320
Status
CLOSED UR1
PE
NoPE
HIPER
NoHIPER
Special Attention
YesSpecatt / New Function / Xsystem
Submitted date
2026-02-26
Closed date
2026-03-26
Last modified date
2026-04-02
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UJ99297
Modules/Macros
C2RH@ C2RH@STD C2RHCO40 C2RHFE14 C2RHO190 CKA$INDX CKA31CIR CKA32CIR CKA41CIR CKA42CIR CKA51CIR CKA52CIR CKA53CIR CKA54CIR CKA55CIR CKA56CIR CKA61CIR CKA62CIR CKA63CIR CKAIRULE CKAV0002 CKRP3ARC CKRP3ARE GKA31CIR GKA32CIR GKA41CIR GKA42CIR GKA51CIR GKA52CIR GKA53CIR GKA54CIR GKA55CIR GKA56CIR GKA61CIR GKA62CIR GKA63CIR
Fix information
Fixed component name
ZSEC BASE,ADMIN
Fixed component ID
5655T0100
Applicable component levels
R320 PSY UJ99297
UP26/03/28 P F603
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"320","Line of Business":{"code":"LOB70","label":"Z TPS"}}]
Document Information
Modified date:
02 April 2026