>IIRC, you can still get a "audit trail" of what TSO commands a user invokes, >but not under ISPF.
TSOMON ($$) will track even under ISPF. >Sooner or later, even auditors have to realize that certain people must be >"trusted" to do their jobs correctly. It's not the auditors. It's a compliance issue; the auditor does/should not determine what to track. Rather, they require reporting on what is required to monitor compliance. It's a true separation of duty (generic terminology): 1. Standards Officer -- determines what are "best practices". 2. Auditor -- reports on which standards are(n't) being met. 3. Compliance Officer -- enforces standards. Too many people are 'afraid' of auditors, but in a 'proper environment', they have no enforcement capabilities. If there is no true separation of duty, then there is a potential for conflicts of interest! When in doubt. PANIC!! ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
