STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 5 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to z/OS ROSCOE for TSS Security Technical Implementation Guide

V-225604

CAT II (Medium)

Resource Class ROSRES is not defined or active in the Access Control Program (ACP).

Rule ID

SV-225604r1146143_rule

STIG

z/OS ROSCOE for TSS Security Technical Implementation Guide

Version

V7R2

CCIs

CCI-000336CCI-002358

Discussion

Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data.

Check Content

Refer to the following report produced by the ACP Data Collection:

- TSSCMDS.RPT(#RDT).

If the ROSCOE Resource Class(es) is (are) defined in the Resource Definition Table (RDT) as follows, this is not a finding.

  RESOURCE CLASS = ROSRES
   RESOURCE CODE = X'hex code'
       ATTRIBUTE = MASK|NOMASK,MAXOWN(08),MAXPERMIT(044),ACCESS,DEFPROT
          ACCESS = NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000)
          ACCESS = WRITE(2000),ALL(FFFF)
          DEFACC = READ

Fix Text

The ISSO will ensure the Product resource class(es) is (are) defined in the TSS RDT. The ISSO will issue one of the following commands to define the Product resource class(es):

TSS REPLACE(RDT) RESCLASS(ROSRES) -
  MAXLEN(044) -
  ATTR(MASK|NOMASK,DEFPROT) -
  ACLST(NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000),WRITE(2000),ALL(FFFF)) -
  DEFACC(READ)

TSS ADDTO(RDT) RESCLASS(ROSRES) -
  RESCODE(hex-code) -
  ATTR(MASK|NOMASK,DEFPROT) -
  ACLST(NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000),WRITE(2000),ALL(FFFF)) -
  DEFACC(READ)