https://www.ibm.com/support/pages/system/files/inline-files/zOS%20Preventive%20Maintenance%20Strategy_1.pdf
IBM creates RSUs quarterly and suggests applying 2-4 times a year. Have management consider quarterly RSU implementations, Explain monthly PUT tapes have less testing of PTFs and therefore more chances of errors being encountered. On Tue, Dec 10, 2024 at 11:40 AM Jousma, David <[email protected]> wrote: > > ITschak > > We don’t keep the log files from that far back. I have apply listings that > they have pored over (the auditor used to be a sysprog). Our audit process > says that I have to keep all apply listings, well, being a manual process > (sdsf XDC command), one of the larger Apply listings is missing (I told him > that). I went on to explain that we select maintenance based on SOURCEID’s > like RSU, FIXCAT, etc and that the later apply listings with the same > selection criteria but fewer PTF’s indicates that was there was remaining to > apply. His issue is that he wouldn’t know if he has all the listings or > not. He didn’t seem interested with my saying that I’d be shooting myself > in the foot if I was applying Fixes known to be in error….. > > Well, what he was wanting to see was all the listings to see that there were > no BYPASS HOLD ERROR specified. I explained to him that there are certain > rare cases where we would do that, either at the direction of the support > center, or to get a specific FMID installed, and come around with the needed > maintenance after that. > > Yea, he’s digging way deeper than I ever expected. Then we got into > vulnerability management. Another can of worms. When we do maintenance, > we do pull the SMPE ++ASSIGN data from the Security Portal and apply all > PTF’s with SECINT sourceID. His next question was how often we applied > maintenance….we do it 2 times per year. Corp standard is vulnerabilities > get fixed within 90 days of reporting. We’ll likely write a Risk acceptance > for that. > > Dave Jousma > Vice President | Director, Technology Engineering > > > > > > From: IBM Mainframe Discussion List <[email protected]> on behalf of > ITschak Mugzach <[email protected]> > Date: Tuesday, December 10, 2024 at 12:16 PM > To: [email protected] <[email protected]> > Subject: Re: SMPE and auditors > > > > Let your auditor access to the smp log files and find the answer himself. > > > > ITschak > > > > *| **Itschak Mugzach | Director | SecuriTeam Software **|** IronSphere > > Platform* *|* *Information Security Continuous Monitoring for Z/OS, zLinux > > and IBM I **| * > > > > *|* *Email**: [email protected] **|* *Mob**: +972 522 986404 **|* > > *Skype**: ItschakMugzach **|* *Web**: > https://urldefense.com/v3/__http://www.Securiteam.co.il__;!!MwwqYLOC6b6whF7V!gInxYLhsrbsMuZRVRWgftUwtVi4Jz06sgPTrXtwsu8gWeFORarWIDhmHZ1QQRZaSD773WEXaxt-isYRNxJyqXVG66w25x7hzcMY$<https://urldefense.com/v3/__http:/www.Securiteam.co.il__;!!MwwqYLOC6b6whF7V!gInxYLhsrbsMuZRVRWgftUwtVi4Jz06sgPTrXtwsu8gWeFORarWIDhmHZ1QQRZaSD773WEXaxt-isYRNxJyqXVG66w25x7hzcMY$> > **|* > > > > > > > > > > > > בתאריך יום ג׳, 10 בדצמ׳ 2024 ב-19:12 מאת Jousma, David < > > [email protected]>: > > > > > All, > > > > > > I have an auditor that would like to see if there were any PTF’s applied > > > in my environment where BYPASS HOLDERROR was specified. Its not enough > > > for me to tell them that there weren’t any. I have been playing around > > > with SMPE list commands, and can list PTF’s where BYPASS was specified, but > > > no further granularity that I can see. And I guess it’s a bit more > > > complicated than that, as rare as it is to bypass HOLDERROR, I could forsee > > > one being applied after talking with support center, and then later, the > > > fixing PTF came along and was applied. > > > > > > Any ideas that I am missing? > > > > > > Dave Jousma > > > Vice President | Director, Technology Engineering > > > > > > > > > > > > > > > > > > This e-mail transmission contains information that is confidential and may > > > be privileged. It is intended only for the addressee(s) named above. If > > > you receive this e-mail in error, please do not read, copy or disseminate > > > it in any manner. If you are not the intended recipient, any disclosure, > > > copying, distribution or use of the contents of this information is > > > prohibited. Please reply to the message immediately by informing the sender > > > that the message was misdirected. After replying, please erase it from your > > > computer system. Your assistance in correcting this error is appreciated. > > > > > > ---------------------------------------------------------------------- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to [email protected] with the message: INFO IBM-MAIN > > > > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to [email protected] with the message: INFO IBM-MAIN > > This e-mail transmission contains information that is confidential and may be > privileged. It is intended only for the addressee(s) named above. If you > receive this e-mail in error, please do not read, copy or disseminate it in > any manner. If you are not the intended recipient, any disclosure, copying, > distribution or use of the contents of this information is prohibited. Please > reply to the message immediately by informing the sender that the message was > misdirected. After replying, please erase it from your computer system. Your > assistance in correcting this error is appreciated. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
