After z/OS 2.5 upgrade from z/OS 2.4, JES2 receives security violations: 

TSS7221E Dataset Not Accessible - xxxxxxxxxxxxxxxxxx

for the JCLLIB dataset during IPL.

Release : 16.0

Component : Top Secret for z/OS

Not Top Secret related problem.

IBM control option PASS/NOPASS activates/deactivates the JCLLIB dataset checking in the program properties table (PPT) which is maintained in member SCHEDxx in SYS1.PARMLIB.  

The default entry supplied by IBM for JES2 is HASJES20 with a keyword of PASS to enforce data set security for submitted jobs in both z/OS 2.4 and 2.5.

NOPASS must be set on z/OS 2.5 to disable the JCLLIB dataste checking.