We're planning to tighten our rule for characters to be specified in a new password.
Is there any way to require at least one numeric character and one alphabetic character in a new password?

You need to specify both PSWDALPH and PSWDNMIC fields in the GSO PSWD record.
PSWDALPH specifies that CA ACF2 requires at least one alphabetic character to be present in a new password.
PSWDNMIC specifies that CA ACF2 requires at least one numeric character to be present in a new password.

CA ACF2 also provides other fields that control required characters in a new password such as;
PSWDSPLT requires that a new password contains a national or a user-defined character between the first and last position.
PSWDPAIR specifies the number of consecutively repeated characters allowed to be in a new password.

These GSO PSWD record fields are described in Administrator Guide.