Received the following message from Compliance Event Manager:

CEMWTO1I ESM CHANGE DETECTED ON xxxxx BY acid ON LPAR lpar 29-OCT-2021 AT 10:00:00 RUN A CEM ESM REPORT

When issuing a:

F TSS,FAC(ALL)

The following security violations are received:                                                  

TSS7251E ACCESS DENIED TO CASECAUT <TSSCMD.ADMIN.MODIFY>

IEF196I TSS7251E ACCESS DENIED TO CASECAUT <TSSCMD.ADMIN.MODIFY>

TSS MODIFY commands allow you to change or display Top Secret Control Options.

It is normal to want to track TSS MODIFY commands usage since it has the ability to display Top Secret configuration and make Top Secret configurations changes.

Issuing the TSS MODIFY command requires the CONSOLE attribute via:

TSS ADD(acid) CONSOLE

or a PERMIT to:

TSS PER(acid) CASECAUT(TSSCMD.ADMON.MODIFY) ACC(PRIVILEG)