SV-86r4_rule
V-86
AAMV0060
AAMV0060
CAT II
10
The IAO working with the systems programmer will ensure that documentation and/or source code are available for AC=1 modules that reside in the APF Authorized libraries.
Documentation for Vendor APF Authorized libraries identifying the integrity and justification will be available. Examples of this type of documentation can be in the form of product installation guides or product system programming guides.
Documentation and source code for non-vendor AC=1 modules in APF Authorized libraries identifying the integrity and justification will be available.
A review of the above documentation and/or source will be performed on an annual basis.
Refer to the following reports produced by the z/OS Data Collection:
- EXAM.RPT(APFXRPT)
Automated Analysis requires Additional Analysis.
Refer to the following report produced by the Data Set and Resource Data Collection:
- PDI(AAMV0060)
Verify that AC=1 modules identified in the APF Authorized data sets specified in EXAM.RPT(APFXRPT) have documentation and/or source code. If the following guidance is true, this is not a finding.
___ Documentation for Vendor APF Authorized libraries identifying the integrity and justification are maintained by the IAO.
___ Documentation and source code for non-vendor AC=1 modules in APF Authorized libraries identifying the integrity and justification are maintained by the IAO.
___ Review of all Vendor and non-vendor AC=1 modules in APF Authorized libraries will be reviewed on an annual basis.
V-86
True
AAMV0060
Refer to the following reports produced by the z/OS Data Collection:
- EXAM.RPT(APFXRPT)
Automated Analysis requires Additional Analysis.
Refer to the following report produced by the Data Set and Resource Data Collection:
- PDI(AAMV0060)
Verify that AC=1 modules identified in the APF Authorized data sets specified in EXAM.RPT(APFXRPT) have documentation and/or source code. If the following guidance is true, this is not a finding.
___ Documentation for Vendor APF Authorized libraries identifying the integrity and justification are maintained by the IAO.
___ Documentation and source code for non-vendor AC=1 modules in APF Authorized libraries identifying the integrity and justification are maintained by the IAO.
___ Review of all Vendor and non-vendor AC=1 modules in APF Authorized libraries will be reviewed on an annual basis.
M
Information Assurance Officer
106