What is the best methodolgy from removing all VOL(*ALL*(G)) PERMITs from the Top Secret Security File?

Release : 16.0

Component :

1. Issue a TSS WHOHAS which will show all the VOL(*ALL*(G)) PERMITs on your system.
2. TSS REVOKE all those PERMITs and re-PERMIT them with ACTION(AUDIT). Example: TSS REVOKE(PROFILEA) VOL(*ALL*(G)) followed by a TSS PERMIT(PROFILEA) VOL(*ALL*(G)) ACTION(AUDIT)
3. ACTION(AUDIT) will cause an audit entry to be cut any time the VOL(*ALL*(G))  PERMIT is used by the user. It will indicate the volume and dataset accessed when you run the TSSUTIL with a REPORT CLASS(D) EVENT(AUDTA) control card. It will generate a TSSUTIL report entry like the following:

01/24/22 15:27:04 XE67 USER1    USER1    T F    ISPTASK  UPDATE   ALL        OK+A  OPN D VOLE67 USER1.TEST.DATA     T006082 A67LO902

OK+A indicates the entry was create because of auditing.

VOLXE67 is the volume.

USER1.TEST.DATA is the dataset.

USER1 is the acid accessing the dataset/volume.