kriterion 0.0.1

data/standards/stig_zos_hcdtss.json

@@ -0,0 +1,29 @@
+{
+  "name": "stig_zos_hcdtss",
+  "date": "2015-01-15",
+  "description": "None",
+  "title": "z/OS HCD for TSS STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "IBM Hardware Configuration Definition (HCD) install data sets are not properly protected.",
+      "description": "IBM Hardware Configuration Definition (HCD) product has the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17947",
+      "title": "IBM Hardware Configuration Definition (HCD) resources are not properly defined and protected.",
+      "description": "Program products can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to program product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data. Many utilities assign resource controls that can be granted to system programmers only in greater than read authority. Resources are also granted to certain non sytems personnel with read only authority.  ",
+      "severity": "medium"
+    },
+    {
+      "id": "V-21592",
+      "title": "IBM Hardware Configuration Definition (HCD) User data sets are not properly protected.",
+      "description": "IBM Hardware Configuration Definition (HCD) product has the capability to use privileged functions and/or to have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_ibm_cics_transaction_serveracf2.json

@@ -0,0 +1,17 @@
+{
+  "name": "stig_zos_ibm_cics_transaction_serveracf2",
+  "date": "2018-01-05",
+  "description": "None",
+  "title": "z/OS IBM CICS Transaction Server for ACF2 STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-17982",
+      "title": "IBM CICS Transaction Server SPI command resources must be properly defined and protected.",
+      "description": "IBM CICS Transaction Server can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_ibm_cics_transaction_serverracf.json

@@ -0,0 +1,17 @@
+{
+  "name": "stig_zos_ibm_cics_transaction_serverracf",
+  "date": "2018-01-05",
+  "description": "None",
+  "title": "z/OS IBM CICS Transaction Server for RACF STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-17982",
+      "title": "IBM CICS Transaction Server SPI command resources must be properly defined and protected.",
+      "description": "IBM CICS Transaction Server can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_ibm_cics_transaction_servertss.json

@@ -0,0 +1,17 @@
+{
+  "name": "stig_zos_ibm_cics_transaction_servertss",
+  "date": "2018-01-05",
+  "description": "None",
+  "title": "z/OS IBM CICS Transaction Server for TSS STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-17982",
+      "title": "IBM CICS Transaction Server SPI command resources must be properly defined and protected.",
+      "description": "IBM CICS Transaction Server can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_ibm_health_checkeracf2.json

@@ -0,0 +1,23 @@
+{
+  "name": "stig_zos_ibm_health_checkeracf2",
+  "date": "2015-01-15",
+  "description": "None",
+  "title": "z/OS IBM Health Checker for ACF2 STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-17067",
+      "title": "IBM Health Checker STC data sets will be properly protected.",
+      "description": "IBM Health Checker STC data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM Health Checker Started Task name will be properly identified and/or defined to the system ACP.",
+      "description": "IBM Health Checker requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_ibm_health_checkerracf.json

@@ -0,0 +1,29 @@
+{
+  "name": "stig_zos_ibm_health_checkerracf",
+  "date": "2015-01-15",
+  "description": "None",
+  "title": "z/OS IBM Health Checker for RACF STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-17067",
+      "title": "IBM Health Checker STC data sets will be properly protected.",
+      "description": "IBM Health Checker STC data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM Health Checker Started Task name will be properly identified and/or defined to the system ACP.",
+      "description": "IBM Health Checker requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "IBM Health Checker Started task will be properly defined to the STARTED resource class for RACF.",
+      "description": "Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_ibm_health_checkertss.json

@@ -0,0 +1,29 @@
+{
+  "name": "stig_zos_ibm_health_checkertss",
+  "date": "2015-01-15",
+  "description": "None",
+  "title": "z/OS IBM Health Checker for TSS STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-17067",
+      "title": "IBM Health Checker STC data sets will be properly protected.",
+      "description": "IBM Health Checker STC data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM Health Checker Started Task name will be properly identified and/or defined to the system ACP.",
+      "description": "IBM Health Checker requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "IBM Health Checker Started task will be properly defined to the Started Task Table for Top Secret.",
+      "description": "Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_ibm_system_display_and_search_facility_sdsfacf2.json

@@ -0,0 +1,53 @@
+{
+  "name": "stig_zos_ibm_system_display_and_search_facility_sdsfacf2",
+  "date": "2016-03-28",
+  "description": "None",
+  "title": "z/OS IBM System Display and Search Facility (SDSF) for ACF2 STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "IBM System Display and Search Facility (SDSF) installation data sets will be properly protected.",
+      "description": "IBM System Display and Search Facility (SDSF) installation data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM System Display and Search Facility (SDSF) Started Task name will be properly identified and/or defined to the system ACP.",
+      "description": "IBM System Display and Search Facility (SDSF) requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17947",
+      "title": "IBM System Display and Search Facility (SDSF) resources must be properly defined and protected.",
+      "description": "IBM System Display and Search Facility (SDSF) can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17982",
+      "title": "IBM System Display and Search Facility (SDSF) resources will be properly defined and protected.",
+      "description": "IBM System Display and Search Facility (SDSF) can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18011",
+      "title": "IBM System Display and Search Facility (SDSF) Resource Class will be defined or active in the ACP.",
+      "description": "Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "IBM System Display and Search Facility (SDSF) Configuration parameters must be correctly specified.",
+      "description": "IBM System Display and Search Facility (SDSF) ISFPARMS defines global options, panel formats, and security for SDSF.  Failure to properly specify these parameter values could potentially compromise the integrity and availability of the MVS operating system and user data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-21592",
+      "title": "IBM System Display and Search Facility (SDSF) HASPINDX data set identified in the INDEX parameter must be properly protected.",
+      "description": "IBM System Display and Search Facility (SDSF) HASPINDX data set control the execution, configuration, and security of the SDSF products.  Failure to properly protect access to these data sets could result in unauthorized access.  This exposure may threaten the availability of SDSF, and compromise the confidentiality of customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_ibm_system_display_and_search_facility_sdsfracf.json

@@ -0,0 +1,59 @@
+{
+  "name": "stig_zos_ibm_system_display_and_search_facility_sdsfracf",
+  "date": "2016-03-28",
+  "description": "None",
+  "title": "z/OS IBM System Display and Search Facility (SDSF) for RACF STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "IBM System Display and Search Facility (SDSF) installation data sets will be properly protected.",
+      "description": "IBM System Display and Search Facility (SDSF) installation data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM System Display and Search Facility (SDSF) Started Task name will be properly identified and/or defined to the system ACP.",
+      "description": "IBM System Display and Search Facility (SDSF) requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "IBM System Display and Search Facility (SDSF) Started task will be properly defined to the STARTED resource class for RACF.",
+      "description": "Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17947",
+      "title": "IBM System Display and Search Facility (SDSF) resources will be properly defined and protected.",
+      "description": "IBM System Display and Search Facility (SDSF) can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17982",
+      "title": "IBM System Display and Search Facility (SDSF) resources will be properly defined and protected.",
+      "description": "IBM System Display and Search Facility (SDSF) can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18011",
+      "title": "IBM System Display and Search Facility (SDSF) Resource Class will be active in the RACF.",
+      "description": "Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "IBM System Display and Search Facility (SDSF) Configuration parameters must be correctly specified.",
+      "description": "IBM System Display and Search Facility (SDSF) ISFPARMS defines global options, panel formats, and security for SDSF.  Failure to properly specify these parameter values could potentially compromise the integrity and availability of the MVS operating system and user data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-21592",
+      "title": "IBM System Display and Search Facility (SDSF) HASPINDX data set identified in the INDEX parameter must be properly protected.",
+      "description": "IBM System Display and Search Facility (SDSF) HASPINDX data set control the execution, configuration, and security of the SDSF products.  Failure to properly protect access to these data sets could result in unauthorized access.  This exposure may threaten the availability of SDSF, and compromise the confidentiality of customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_ibm_system_display_and_search_facility_sdsftss.json

@@ -0,0 +1,53 @@
+{
+  "name": "stig_zos_ibm_system_display_and_search_facility_sdsftss",
+  "date": "2016-03-23",
+  "description": "None",
+  "title": "z/OS IBM System Display and Search Facility (SDSF) for TSS STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "IBM System Display and Search Facility (SDSF) installation data sets will be properly protected.",
+      "description": "IBM System Display and Search Facility (SDSF) installation data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM System Display and Search Facility (SDSF) Started Task name will be properly identified and/or defined to the system ACP.",
+      "description": "IBM System Display and Search Facility (SDSF) requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "IBM System Display and Search Facility (SDSF) Started task will be properly defined to the Started Task Table ACID for Top Secret.",
+      "description": "Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17947",
+      "title": "IBM System Display and Search Facility (SDSF) resources will be properly defined and protected.",
+      "description": "IBM System Display and Search Facility (SDSF) can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17982",
+      "title": "IBM System Display and Search Facility (SDSF) resources will be properly defined and protected.",
+      "description": "IBM System Display and Search Facility (SDSF) can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "IBM System Display and Search Facility (SDSF) Configuration parameters must be correctly specified.",
+      "description": "IBM System Display and Search Facility (SDSF) ISFPARMS defines global options, panel formats, and security for SDSF.  Failure to properly specify these parameter values could potentially compromise the integrity and availability of the MVS operating system and user data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-21592",
+      "title": "IBM System Display and Search Facility (SDSF) HASPINDX data set identified in the INDEX parameter must be properly protected.",
+      "description": "IBM System Display and Search Facility (SDSF) HASPINDX data set control the execution, configuration, and security of the SDSF products.  Failure to properly protect access to these data sets could result in unauthorized access.  This exposure may threaten the availability of SDSF, and compromise the confidentiality of customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_icsfacf2.json

@@ -0,0 +1,29 @@
+{
+  "name": "stig_zos_icsfacf2",
+  "date": "2015-06-22",
+  "description": "None",
+  "title": "z/OS ICSF for ACF2 STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) install data sets are not properly protected.",
+      "description": "IBM Integrated Crypto Service Facility (ICSF) product has the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17067",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) STC data sets must be properly protected.",
+      "description": "IBM Integrated Crypto Service Facility (ICSF) STC data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) Started Task name is not properly identified / defined to the system ACP.",
+      "description": "IBM Integrated Crypto Service Facility (ICSF) requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_icsfracf.json

@@ -0,0 +1,35 @@
+{
+  "name": "stig_zos_icsfracf",
+  "date": "2015-06-22",
+  "description": "None",
+  "title": "z/OS ICSF for RACF STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) install data sets are not properly protected.",
+      "description": "IBM Integrated Crypto Service Facility (ICSF) product has the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17067",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) STC data sets must be properly protected.",
+      "description": "IBM Integrated Crypto Service Facility (ICSF) STC data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) Started Task name is not properly identified / defined to the system ACP.",
+      "description": "IBM Integrated Crypto Service Facility (ICSF) requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) Started task(s) must be properly defined to the STARTED resource class for RACF.",
+      "description": "Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_icsftss.json

@@ -0,0 +1,35 @@
+{
+  "name": "stig_zos_icsftss",
+  "date": "2015-06-22",
+  "description": "None",
+  "title": "z/OS ICSF for TSS STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) install data sets are not properly protected.",
+      "description": "IBM Integrated Crypto Service Facility (ICSF) product has the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17067",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) STC data sets must be properly protected.",
+      "description": "IBM Integrated Crypto Service Facility (ICSF) STC data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) Started Task name is not properly identified / defined to the system ACP.",
+      "description": "IBM Integrated Crypto Service Facility (ICSF) requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "IBM Integrated Crypto Service Facility (ICSF) Started task(s) must be properly defined to the Started Task Table ACID for Top Secret.",
+      "description": "Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_netviewacf2.json

@@ -0,0 +1,41 @@
+{
+  "name": "stig_zos_netviewacf2",
+  "date": "2016-06-30",
+  "description": "None",
+  "title": "z/OS NetView for ACF2 STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "NetView install data sets are not properly protected.",
+      "description": "NetView Install data sets provide the capability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17067",
+      "title": "NetView STC data sets are not properly protected.",
+      "description": "NetView STC data sets provide the capability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "NetView Started Task name must be properly identified / defined to the system ACP.",
+      "description": "NetView requires a started task(s) that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17947",
+      "title": "NetView resources must be properly defined and protected.",
+      "description": "NetView can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "NetView configuration/parameter values must be specified properly.",
+      "description": "NetView configuration/parameters control the security and operational characteristics of products.  If these parameter values are improperly specified, security and operational controls may be weakened.  This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.",
+      "severity": "medium"
+    }
+  ]
+}