Bri P wrote:
It shouldn't matter too much for your PCI audit. The requirement is not really
that each server has exactly the same time, as long as any time difference is
fairly constant and is quantifiable. It's there really so that different
servers' system logs can be used collectively or in concert should some later
investigation into something become necessary.
If you can demonstrate to your auditor that you take steps to ensure that the
mainframe clock does not drift too much and that you know what any time
difference is, he should accept that, or at least note that a compensating
control is in place. For example, twice a year setting the HMC system clock
with some external time reference (even the Speaking Clock) and ensuring that
your IPL'd systems pick up that changed time. You don't need to be
second-accurate, as long as the difference is known.

Keep in mind that the TOD clock represents GMT (or UTC). Local time is
calculated by adjusting GMT by CVTLDTO and CVTLSO. If the TOD drifts by
a second or more, you can fix local time with a compensating adjustment
to the time zone offset. See SET TIMEZONE= command.
--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
http://www.phoenixsoftware.com/
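
An added worked example, not part of either post: a Python model of the adjustment described in the reply, measuring TOD drift against an external reference and folding it into the time zone offset. It assumes local time = TOD - CVTLSO + CVTLDTO with both offsets held in TOD-clock units (bit 51 = 1 microsecond, epoch 1900-01-01); the function names and all sample values are constructed.

```python
from datetime import datetime, timedelta

TOD_EPOCH = datetime(1900, 1, 1)  # TOD value 0 (UTC)
UNITS_PER_US = 4096               # TOD bit 51 ticks once per microsecond
US = timedelta(microseconds=1)

def seconds_to_tod(seconds):
    """Signed number of seconds expressed in TOD-clock units."""
    return round(seconds * 1_000_000) * UNITS_PER_US

def datetime_to_tod(dt):
    return ((dt - TOD_EPOCH) // US) * UNITS_PER_US

def tod_to_datetime(tod):
    return TOD_EPOCH + (tod // UNITS_PER_US) * US

def local_time(tod, cvtldto, cvtlso):
    # Assumed relation: local = TOD - leap-second offset + time zone offset
    return tod_to_datetime(tod - cvtlso + cvtldto)

def compensate(tod, cvtldto, cvtlso, reference_utc):
    """Return (drift in seconds, time zone offset that cancels the drift)."""
    drift = (tod - cvtlso) - datetime_to_tod(reference_utc)
    return drift / UNITS_PER_US / 1_000_000, cvtldto - drift

def demo():
    # Constructed sample: external reference says 12:00:00 UTC, the TOD
    # clock runs 2.5 s fast, zone is 8 h west, 23 leap seconds configured.
    reference = datetime(2008, 3, 1, 12, 0, 0)
    cvtlso = seconds_to_tod(23)
    cvtldto = seconds_to_tod(-8 * 3600)
    tod = datetime_to_tod(reference) + cvtlso + seconds_to_tod(2.5)
    before = local_time(tod, cvtldto, cvtlso)
    drift_s, new_ldto = compensate(tod, cvtldto, cvtlso, reference)
    after = local_time(tod, new_ldto, cvtlso)
    return before, drift_s, after

if __name__ == "__main__":
    before, drift_s, after = demo()
    print("local before:", before, "| measured drift:", drift_s, "s")
    print("local after compensating offset:", after)
```

In this model the offset change corrects local time only; a timestamp taken directly from the TOD clock still carries the measured drift, which is the figure to record when logs from several systems are correlated.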