HG73: How to Audit CICS

(1 Day, 8 CPE Credits; $510)

Please click: Here for Registration Form

For more information on seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels for IS Audit Training

This class shows you how to audit CICS (Customer Information Control System), the most

widely used online transaction management software on IBM mainframe computers. You will learn what CICS is, how its security works, and how to audit it.

Who Should Attend HG73?

HG73: You Will Learn:

  • How CICS is used (a typical application as a reference example)
  • How CICS works
  • Recent developments in CICS security
  • Where the control points are in CICS and how to evaluate them
  • What data to collect and how to interpret it
  • How to conduct the audit, from planning and scoping through follow-up
  • What all the related buzzwords and acronyms mean
  • How to conduct the audit rapidly and efficiently, with maximum benefit to your organization

The workbook is a valuable reference, and includes a complete audit program.

Class Outline

       Table of Contents and Class Outline: HG73: How to Audit CICS

I     Keywords and Concepts

        A.  Introduction
        B.  What Is CICS and How Does It Work
        C.  Basic CICS Concepts and How They Fit Together  
        D.  The Life of a CICS Transaction
        E.  How Two CICS Regions Can Interconnect
        F.  How to Find Out How CICS is Used in Your Organization
        G.  Control Objectives
        H.  The Audit Program

II    Action Plan

        A.  Scoping, Planning, and Basic Data-Gathering
        B.  Evaluation of CICS Security for a Single Region
        C.  Evaluation of CICS Security Across Regions
        E.  Wrap-up, Working Papers, Follow-up

III   Forms and Reference

        A.  Basic Security Model
        B.  Forms to Document CICS Regions
        C.  Audit Plan
        D.  Model Documents
        E.  DFHSIT Operands for Security
        F.  SYS1.VTAMLST


Please note that these seminars are available for In-House Sessions.

You can save more money by learning about our seminar Discounts

Return to Top of Page         Return to Home Page

Stu Henderson offers MVS security audits, consulting, seminars, articles, and other information sharing related to information security and auditing. His consulting includes: security reviews, risk assessments, RACF implementation assistance, and Information Technology audit technical counseling.
His most popular seminars provide: RACF training, mainframe audit training including MVS and z/OS audit training. His RACF seminars include: "Effective RACF Administration", "Advanced RACF Administration", and "UNIX (USS) for RACF Administrators".
His audit seminars include: "How to Audit MVS, RACF, ACF2, TopSecret, CICS, DB2, and MQ Series Security" and the follow-on "How to Audit z/OS with USS, TCP/IP, FTP, and the Internet". They also include "How to Audit UNIX and Windows Security" and "How to Audit TCP/IP Security".
Information on class location and schedules, as well as articles, links and other useful information sharing may be found on his website at www.stuhenderson.com