This topic describes very important system and security documentation to retain for auditing.
1. Computer room access. Who has access and how is the room secured ?
2. The IBMi OS Version and Release
PTF levels. The recommendation is that the PTFs
should be current or no older than the current release -1.
3. System Values
Print and determine that the system is set for proper best
4. System Security
• User Profiles – Password Strength, Password Change Policy, Profile Sharings, *ALLOBJ
• SystemAudit Level
• Journaling – Journal Policies, Retention
• Integrated File System – Folder Security
• Usage of QSECOFR – who has access, how often Password is changed, who keeps it?
• Sharing of passwords and Profiles
5. Job Scheduler
• How are Jobs submitted. Print the entire list.
• What profile is used to Submit Jobs ?
• Use of Authorization Lists
• Use of Job Descriptions
• Where are programs located on the system
• Use of PDM
• What tools are being used for Backups
• How often and Retention
• Media and OFFSITE policies