After applying maintenance to SYSVIEW, HOLDDATA instructions could require users to re-run security conversion job GSVUSEC. How does this job work and what dataset should be used?

Any PTF that make security-related changes, for example, adding new commands or modify existing ones, have in HOLDDATA instructions that require to re-run security conversion job.  

The distributed sample GSVUSEC can be found under hlq.CNM4BSAM(GSVUCSEC). This job will create a new temporary dataset, then will copy into this temporary dataset content from the SMP/e dataset that was updated by maintenance.  It then converts (reassemble or merge) the temporary dataset and existing security dataset.  As a result, the current security data set will be updated.  Below are details of each step. 

hlq.CNM4BSAM(GSVUCSEC) 

1. DELETE
   This step makes sure that the name of the future copy of SMP/E security file is not in use. Temporary security file.
2. COPYSMPE  
   This step will copy SMP/E security file that was just updated by the applied PTF.
   In this step, SYSUT1 should be distributed library that was created when you installed Sysview, applied maintenance changes goes to this datasets and it will be used as an input on this COPYSMPE step.
   SYSUT2 is a temporary security file that will be output for this step and then will be used in the following step as part of input.
3. UPDTSEC
   This step finally converts(reassemble or merge) the current security file that should be in mentioned as SYSUT1 and SYSUT2(this is a temporary security file that was the output of the previous step).
   PGM=GSVXCNVS will "merge" SYSUT1 and SYSUT2 and save the result as SYSUT2.
4. RENAME
   This step will rename the current security file for something else(add .copy) and then rename SYSUT2, output from the previous step, to the current security file data set name.