Mainframe audit explained

A mainframe audit is a comprehensive inspection of computer processes, security, and procedures,with recommendations for improvement.

Definition of mainframe

A mainframe computer is not easy to define. Most people associate a mainframe with a large computer, but mainframes are getting smaller all the time. The terms mainframe and enterprise server are converging. Supercomputers are generally used for their speed and complexity, while mainframes are used for storing large volumes of sensitive data. Mainframes are typically the most secure, efficient, and cost-effective computing option for organizations dealing with transactions on a large, enterprise-level scale.

Considerations

Organizations in different industries have different auditing and security requirements. Some factors affecting the organizations' requirements are: regulatory requirements and other external factors; management, objectives, and business practices; and the organizations' performance compared to the industry. This information can be obtained by conducting outside research, interviewing employees, touring the data center and observing activities, consultations with technical experts, and looking at company manuals and business plans.

Another consideration is the level of mainframe access employees have and if password policies are in place and followed. Evidence of implementation can be obtained by requesting employee manuals, evaluating the software and user histories, and by physical observation of the environment. (Gallegos, 2004).

Physical access is also an area of interest. Are cables adequately protected from damage and sniffing between the Network and the Data Center? This can be achieved by proper routing of the cables, encryption, and a good network topology. Physical observation of where the cables are routed and confirmation of the security procedures should be obtained. Tests of controls should be conducted to determine any additional weaknesses.

Does the mainframe have access to an adequate uninterruptible power supply? Are physical controls such as power badges for access, fire suppression devices, and locks in place to protect the data center (and the mainframe inside) from theft, manipulation or damage? Physical observation is necessary to ensure these requirements.

The Operating System

Security server

Application system

Evaluate whether sufficient evidence was obtained

After performing the necessary tests and procedures, determine whether the evidence obtained is sufficient to come to a conclusion and recommendation.

How is the security of the mainframe maintained?

Mainframes, despite their reliability, possess so much data that precautions need to be taken to protect the information they hold and the integrity of the system. Security is maintained with the following techniques:

To gauge the effectiveness of these internal controls an auditor should do outside research, physically observe controls as needed, test the controls, perform substantive tests, and employ computer assisted audit techniques when prudent.

References

External links