This audit work program reviews RACF mainframe controls.
One objective of this audit is to ensure that a current inventory of system software exists and is regularly maintained. This helps to determine that system software is regularly updated as needed to support the business. It also helps to determine that system software is protected by RACF, thereby protecting critical company resources. A second objective includes ensuring that procedures surrounding change control for system software updates, including policies for authorization, installation, testing, documentation, approval and implementation, are in place.