SecurityAudit HealthCheck for Db2 z/OS

Audit – do you need it, do you care?

GDPR is in force and companies are paying mega-bucks. But GDPR is old hat these days! Coming up on the 17th of January 2025 is DORA (Digital Operational Resilience Act).

DORA combines a whole bunch of disparate European regulations into one unified whole for the complete finance sector (FINTECH). DORA covers *everything* to do with being resilient in data processing:

  1. Security
  2. Operations
  3. Recoverability
  4. Test

In addition to, and independent of, SEG’s SQL WorkloadExpert / WLX Audit Tool, SEG is offering a SecurityAudit HealthCheck for Db2 z/OS (short form: SAC2) as its 2024 Christmas give-away.

SAC2 audits six different groups of security concerns for DBAs to control, investigate or accept. This tool generates a report that identifies all CIS-listed security concerns and much more.

The six areas are:

  • ZPARM security-relevant settings and bad default settings as well as DDF checks.
  • Communication database.
  • Db2 Catalog GRANTs.
  • Db2 GRANTs and WITH GRANT option.
  • Trusted Contexts, Row Permissions, Column Masks, Audit Policies and Roles.
  • Privileged User IDs.

Note that when the Db2 Catalog is mentioned, the Db2 Directory, XML, AI and TMS databases are also included.

SAC2 is simple to install, and running it consists of executing a single batch job.