STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 7 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to z/OS CL/SuperSession for ACF2 Security Technical Implementation Guide

V-224286

CAT II (Medium)

CL/SuperSession Started Task name is not properly identified / defined to the system ACP.

Rule ID

SV-224286r1144190_rule

STIG

z/OS CL/SuperSession for ACF2 Security Technical Implementation Guide

Version

V7R2

CCIs

CCI-000764

Discussion

CL/SuperSession requires a started task that will be restricted to certain resources, datasets, and other system functions. Defining the started task as a userid to the system ACP allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities could compromise the operating system environment, ACP, and customer data.

Check Content

Refer to the following report produced by the ACF2 Data Collection:

- ACF2CMDS.RPT(ATTSTC).

Verify that the logonid(s) for the CL/SUPERSESSION started task(s) is (are) properly defined. If the following attributes are defined, this is not a finding.

STC
MUSASS
NO-SMC

Fix Text

The systems programmer and ISSO will ensure that the started task for CL/SuperSession is properly defined.

Review all session manager security parameters and control options for compliance. Develop a plan of action and implement the changes as specified.

Define the started task userid KLS for CL/SuperSession.

Example:

INSERT KLS NAME(STC, CL/SuperSession) MUSASS NO-SMC STC