Non-compliance can lead to increasing costs. Regulatory violations involving data protection and privacy can have severe and unintended consequences. In addition, companies must keep pace with changes that arise from numerous legislative and regulatory bodies. Global organizations have the added liability of dealing with national and international-specific regulations.
Proving that you are compliant entails compiling and organizing data from multiple sources to satisfy auditor’s requests. Preparing for compliance audits can be a major time drain, and maintaining, updating, and adding new processes for compliance can be a costly effort.
How do you keep constant changes to regulations and your security posture in check? It starts with establishing a baseline: knowing and understanding your current security posture, comparing it with IBM Z® security capabilities, and knowing the latest standards and regulations that are relevant to your organization. IBM Z Security and Compliance Center can help take the complexity out of your compliance workflow and the ambiguity out of audits while optimizing your audit process to reduce time and effort.
This IBM Redbooks® publication helps you make the best use of IBM Z Security and Compliance Center and aid in mapping all the necessary IBM Z security capabilities to meet compliance and improve your security posture. It also shows how to regularly collect and validate compliance data, and identify which data is essential for auditors.
After reading this document, you will understand how your organization can use IBM Z Security and Compliance Center to enhance and simplify your security and compliance processes and postures for IBM z/OS® systems.
This publication is for IT managers and architects, system and security administrators
Chapter 1. Compliance as a top priority and challenge
Chapter 2. Staying on top of security and compliance
Chapter 3. Understanding the solution
Chapter 4. Exploring security and compliance use cases
Chapter 5. Validating security and compliance postures
Appendix A. How to find and remediate failing goals
Appendix B. SMF record type 1154 overview