There are several methods to audit in Top Secret, including:
1) The AUDIT attribute on an acid. Example: TSS ADD(acid) AUDIT
2) Add the resource in the AUDIT record. Example: TSS ADD(AUDIT) DSN(ABCD)
3) Put ACTION(AUDIT) on a TSS PERMIT command. Example: TSS PERMIT(acid) DSN(ABCD) ACTION(AUDIT)
4) Put the AUDIT attribute on a facility. Example: TSS MODIFY FAC(CICSPROD=AUDIT).
5) Put ACTION(AUDIT) for an ADD(acid) FAC(fac) Example: TSS ADD(ALL) FAC(fac) ACTION(AUDIT)
If Resource is already PERMITTED to ACID without ACTION(AUDIT) you will need to:
Remove the entry you have and then permit back on to
the ACID with ACTION(AUDIT)
Then run TSSUTIL with REPORT EVENT(AUDIT) dsn(sys1) and
it will report on all accesses to it.