Skip to main content
Image coming soon

SEC9068 Mastering SOC 2 for z/OS System Programming Teams

$199.00
Adding to cart… The item has been added

A tailored course, built for your situation

Mastering SOC 2 for z/OS System Programming Teams

Deep technical control mapping for core IBM mainframe environments

$199 one-time
24-hour access provisioning 30-day money-back guarantee Hand-built implementation playbook
12 modules. 12 chapters per module. 144 chapters total.
12 modules, each with 12 chapters (144 chapters total), text-based, plus downloadable templates and a hand-built implementation playbook delivered alongside course access.
Control implementation still routed through junior compliance analysts?

The situation this course is for

SOC 2 control deployment often fails when platform-specific decisions are deferred to non-specialists. Mainframe environments require precision that generalist teams can’t deliver.

Who this is for

Senior z/OS system programmer at a global systems integrator, responsible for audit-ready configurations in high-compliance environments.

Who this is not for

Entry-level auditors, non-technical compliance coordinators, or consultants without mainframe access.

What you walk away with

  • Define and document control configurations in RACF, IPCS, and SMF independently
  • Own the definition of security event thresholds without escalation
  • Approve log retention policies tailored to z/OS operational rhythms
  • Classify and manage privileged access in ACF2 environments without compliance team sign-off
  • Deliver audit-ready control evidence directly from system logs

The 12 modules (with all 144 chapters)

Module 1. SOC 2 Trust Principles in z/OS Context
Map security, availability, and confidentiality criteria to mainframe subsystems and operational realities.
12 chapters in this module
  1. Understanding SOC 2 Type I vs Type II in audit cycles
  2. Control objectives for encrypted data at rest on DASD
  3. Aligning RACF profiles with access requirement clauses
  4. SMF record types relevant to monitoring controls
  5. z/OS security tokens and session validation rules
  6. Mainframe-specific risk scenarios under SOC 2
  7. Control overlap with ISO 27001 in client environments
  8. Documenting control boundaries in mixed-platform estates
  9. Mapping control ownership to RACF admin roles
  10. Time-stamping compliance events in UTC on z/OS
  11. Audit trail completeness requirements for change logs
  12. Version control for PARMLIB and SYS1.PROCLIB
Module 2. Control Mapping in RACF Environments
Translate SOC 2 requirements into precise RACF rule sets, profiles, and monitoring protocols.
12 chapters in this module
  1. RACF resource classes covered under SOC 2
  2. Defining access levels for GEN resource types
  3. Implementing rule-based access for CICS regions
  4. Automating group membership reviews
  5. Configuring secondary password checking
  6. Managing digital certificates in ICSF
  7. Enforcing MFA for z/OSMF access
  8. Controlled access to DB2 subsystems via RACF
  9. Privileged ID segmentation for sysprogs
  10. RACF reporting for compliance evidence
  11. Integrating RACF alerts with SIEM tools
  12. Retention settings for SECURITY and ACCESS logs
Module 3. SMF Data for Compliance Evidence
Turn system management data into auditable control outputs with minimal overhead.
12 chapters in this module
  1. Selecting SMF types for SOC 2 reporting
  2. Configuring Type 80 for TCP/IP access logs
  3. Parsing Type 30 for job initiation tracking
  4. SMF 42 and 89 records for security events
  5. Automated extraction of failed login attempts
  6. Correlating SMF data with user IDs
  7. Filtering noise in SMF records for audits
  8. Time-synchronized logging across LPARs
  9. Storing SMF data to meet retention policies
  10. Exporting SMF to external compliance tools
  11. Validating SMF integrity with checksums
  12. Documenting SMF configuration as control
Module 4. Access Control Implementation
Own the full lifecycle of access decisions on z/OS without deferral.
12 chapters in this module
  1. User provisioning workflows under SOC 2
  2. Segregation of duties in mainframe environments
  3. Approving access to production datasets
  4. Temporary access with automatic expiry
  5. Reviewing access entitlements quarterly
  6. Detecting dormant accounts in RACF
  7. Handling emergency IDs under audit rules
  8. Logging access changes in SYSLOG
  9. Validating role-based access in practice
  10. Automating access certification reports
  11. Handling access revocation upon role change
  12. Documenting access decisions for auditors
Module 5. Change Management Integration
Embed compliance into standard change workflows without slowing delivery.
12 chapters in this module
  1. Defining change types under SOC 2 scope
  2. Routing emergency changes with audit trail
  3. Approving changes to security parameters
  4. Maintaining CMDB accuracy for z/OS assets
  5. Linking change tickets to control updates
  6. Reviewing change success with SMF data
  7. Rollback procedures with compliance logging
  8. Change freeze periods around audits
  9. Validating change effectiveness via testing
  10. Documenting change approvals for auditors
  11. Tracking configuration drift in LPARs
  12. Integrating change logs with GRC platforms
Module 6. Logging and Monitoring Configuration
Set system-level logging standards that satisfy auditors and enhance security.
12 chapters in this module
  1. Defining event severity levels in SYSLOG
  2. Configuring z/OSMF audit logs
  3. Monitoring for unauthorized RACF changes
  4. Alerting on policy deviation in real time
  5. Centralizing logs in enterprise SIEM
  6. Retention settings for compliance
  7. Validating log integrity with hashing
  8. Detecting log tampering attempts
  9. Masking sensitive data in logs
  10. Correlating events across subsystems
  11. Testing log alerting with red-team inputs
  12. Documenting monitoring rules as control
Module 7. Encryption and Data Protection
Implement and verify encryption controls across data states on z/OS.
12 chapters in this module
  1. z/OS encryption for data at rest
  2. Implementing ICSF for key management
  3. Securing data in transit via TLS
  4. Defining data classification levels
  5. Handling PII in VSAM and DB2
  6. Masking sensitive fields in test environments
  7. Key rotation policies under SOC 2
  8. Auditing encryption compliance
  9. Documenting cryptographic controls
  10. Validating encryption at subsystem level
  11. Integrating with enterprise PKI
  12. Controlling access to encryption keys
Module 8. Incident Response Alignment
Define your role in SOC 2-aligned incident handling without overstepping.
12 chapters in this module
  1. Identifying incidents under SOC 2 scope
  2. Escalating security events per policy
  3. Preserving evidence in core dumps
  4. Coordinating with SOCs and analysts
  5. Documenting incident timelines
  6. Validating system recovery integrity
  7. Reviewing access logs post-incident
  8. Updating controls based on root cause
  9. Reporting incident metrics to compliance
  10. Maintaining audit trail during response
  11. Testing incident playbooks
  12. Documenting response activities
Module 9. Vendor and Third-Party Controls
Oversee external access and integrations under compliance rules.
12 chapters in this module
  1. Approving third-party access requests
  2. Reviewing vendor security questionnaires
  3. Managing access for remote support
  4. Validating MFA for external users
  5. Monitoring vendor activity in SMF
  6. Enforcing contract-specific controls
  7. Auditing third-party session logs
  8. Revoking access after engagement
  9. Handling data sharing with vendors
  10. Documenting due diligence steps
  11. Reviewing vendor SOC 2 reports
  12. Reporting vendor risks to program leads
Module 10. Automated Control Validation
Use scripts and tools to verify control integrity without manual checks.
12 chapters in this module
  1. Scripting RACF policy audits
  2. Automating access review reports
  3. Validating SMF configuration
  4. Checking for unauthorized changes
  5. Scheduling control checks
  6. Integrating with scheduler tools
  7. Alerting on control deviation
  8. Generating evidence automatically
  9. Storing results in compliance repo
  10. Versioning control scripts
  11. Testing automation logic
  12. Documenting automation as control
Module 11. Audit Preparation and Evidence
Produce auditor-ready outputs directly from system tools.
12 chapters in this module
  1. Compiling control evidence packages
  2. Formatting RACF reports for auditors
  3. Extracting SMF data in usable formats
  4. Documenting control operation
  5. Responding to auditor inquiries
  6. Providing system-level explanations
  7. Demonstrating control effectiveness
  8. Linking evidence to SOC 2 criteria
  9. Preparing for walkthroughs
  10. Maintaining evidence repository
  11. Updating documentation quarterly
  12. Handling auditor follow-ups
Module 12. Sustaining Compliance Over Time
Keep controls audit-ready between review cycles.
12 chapters in this module
  1. Scheduling quarterly access reviews
  2. Updating control documentation
  3. Tracking control exceptions
  4. Managing compensating controls
  5. Reporting compliance metrics
  6. Aligning with client audit cycles
  7. Maintaining versioned playbooks
  8. Onboarding new team members
  9. Updating for z/OS upgrades
  10. Integrating with enterprise GRC
  11. Benchmarking control maturity
  12. Driving continuous improvement

How this maps to your situation

  • Implementing SOC 2 controls on mainframe platforms
  • Reducing reliance on external compliance teams
  • Owning technical control decisions end to end
  • Producing audit-ready outputs from z/OS subsystems

Before vs. after

Before
Waiting for compliance teams to approve RACF changes or define log retention policies
After
Direct sign-off on control implementation in z/OS environments

What's included with your purchase

  • 12 modules with 12 chapters each (144 chapters)
  • Downloadable templates and worked examples for every module
  • Hand-built implementation playbook delivered alongside course access
  • 30-day money-back guarantee

Delivery and format

  • Course and learning environment access provisioned within 24 hours of purchase
  • Hand-built implementation playbook delivered alongside course access

Format: Text-based modules and chapters in the Art of Service learning environment, plus downloadable templates and worked examples for every chapter, plus the hand-built implementation playbook delivered alongside course access.

Time investment: Approximately 2.5 hours per module; designed for integration into regular workflow.

If nothing changes
Continued deferral of platform-specific controls leads to audit delays, misconfigured systems, and eroded trust in technical decisions.

How this compares to the alternatives

Generic SOC 2 courses focus on theory and spreadsheets. This course delivers actionable, platform-specific control implementation for z/OS, where audits are won or lost.

Frequently asked

Is this course specific to IBM z/OS environments?
Yes. Every control example and template is built for RACF, SMF, IPCS, and z/OSMF.
How is the course structured?
12 modules, each containing 12 chapters (144 chapters total).
Does this cover other frameworks like ISO 27001?
Focus is SOC 2, but control mappings highlight where ISO 27001 overlaps occur.
$199 one-time. Approximately 2.5 hours per module; designed for integration into regular workflow..

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.

30-day money-back guarantee· 144 chapters· Hand-built playbook included· Account access within 24 hours