Security policy management on IBM z/VM
Most organizations have a security policy that typically states the rules for controlling access to data. Statements for data ownership and rules about granting the least access that is necessary for each role also are in place.
However, few instructions might be available about the practical scenario of implementation. Little mention often is made of any of the IT platforms that are involved. Therefore, little or no link exists between that policy and the security procedures that must exist.