Non-compliance could lead to increasing costs. Regulatory violations involving data
protection and privacy can have severe and unintended consequences. In addition,
companies must keep pace with changes that arise from numerous legislative and regulatory
bodies. Global organizations have the added liability of dealing with national and
international-specific regulations.
To prove you are compliant entails compiling and organizing data from multiple sources to
satisfy auditor’s requests. Preparing for compliance audits can be a major time drain and
maintaining, updating, and adding new processes for compliance can be a costly effort.
How do you keep constant changes to regulations and your security posture in check? It
starts with establishing a baseline—knowing and understanding your current security posture,
comparing it with IBM® zSystems security capabilities, and the latest standards and
regulations relevant to your organization. IBM Z® Security and Compliance Center can help
take the complexity out of your compliance workflow and the ambiguity out of audits, while
optimizing your audit process to reduce time and effort.
This IBM Redbooks® publication will help you make best use of IBM Z Security and
Compliance Center and aid in mapping of the necessary IBM zSystems security capabilities
to meet compliance and improve your security posture. It also shows how to regularly collect
and validate compliance data, and identify which data is essential for auditors.
After reading this document, you will understand how your organization can use IBM Z
Security and Compliance Center to enhance and simplify your security and compliance
processes and postures for z/OS systems.
Chapter 1. Compliance is a top priority and a challenge
Chapter 2. Staying on top of security and compliance
Chapter 3. Understanding the solution
Chapter 4. Exploring security and compliance use cases
Chapter 5. Validating security and compliance postures
Appendix A. How to find and remediate failing goals
Appendix B. SMF record type 1154 overview
The material included in this document is in DRAFT form and is provided 'as is' without warranty of any kind. IBM is not responsible for the accuracy or completeness of the material, and may update the document at any time. The final, published document may not include any, or all, of the material included herein. Client assumes all risks associated with Client's use of this document.