|
CA-ACF2 Implementation
An installation implementing CA-ACF2 may not have experienced staff available and will find experienced assistance during implementation to be beneficial. Depending on the particular needs of an individual installation, any combination of the following may be required:
Determination of CA ACF2 facilities to be used
Implementation time-scales and planning
Training for end users and security administration staff
Development of procedures for the maintenance and management of the access control system
Setting up of initial access rules and user definitions to get a working system operational as quickly as possible
Due to the nature of the work involved it is usual for such assistance to be based on a few days attendance each month, as required, over a period of several months rather than as a full time task.
Longer term maintenance support can also be provided where a company has insufficient availability of permanent staff or to provide sickness/holiday cover. Limited remote ‘dial-up’ support may be practical in an emergency situation.
Security Product Conversions
For a variety of reasons, for example after a merger, installations sometimes make the painful decision to convert from one security product to another. With experience of both CA-ACF2 (25 years) and RACF (15 years) Cronos Consulting can provide assistance in both the planning and execution of conversions between these two products, in either direction. Where another consulting organisation has already been contracted to carry out the conversion an independent review of the conversion process prior to live running may help to provide management with additional confidence.
Ongoing Security Support
For all organisations the initial implementation of a mainframe security system is only the beginning of the security workload. Constant monitoring, upgrading and security data maintenance are required, in addition to the normal day-to-day work of administering the system. Many of the tasks to maintain a tight ship tend to be pushed to one side as the administration staff become overloaded with just coping with the daily work. Cronos Consulting can take over some of this background maintenance work on a regular or ad-hoc basis. Such support can also provide cover for staff holidays or sickness.
Software Development & Support
Commercial software products, be they security software such as CA-ACF2 and RACF, or other systems such as tape librarian (e.g. CA-1), batch scheduling (e.g. TWS) etc. cannot provide for every possible installations specific needs, nor interface fully with every other software product on the market. To provide additional functionality or improved security there is often a need for special interfaces between products or with local software. Interfaces, software exits and other special purpose software can be written in IBM Assembler according to the clients specific requirements.
Support, such as modifications to support changing needs or new software releases, can often be provided for clients existing assembler routines.
Where appropriate ISPF panels and supporting code written in REXX can be developed, or existing systems maintained, when suitable local skills are not available or are already fully committed to higher priority work.
Audit Report Implementation
It is not at all unusual for a company to receive an audit report (be it from their own auditors, the external auditors, a consulting company, or even a government compliance body) full of recommendations which is difficult to understand, let alone convert to an action plan. Such interpretation may be due to a lack of suitable current skills in the organisation but is most often due to the use of different terminology in the report to that commonly used by the security or technical staff who must work with it. Poorly written, and occasionally inaccurate, reports can aggravate the implementation problems. With over twenty years experience in writing audit reports Cronos Consulting can assist in converting an audit report from another organisation into a practical implementation plan, and if required then provide assistance with the actual work.
|
