When attempting to secure the ICSF Panels from users, users are still able to access the ICSF Primary Panel and sub-panels even though the appropriate CSFSERV resource names are permitted with ACCESS(NONE) ACTION(FAIL). No Top Secret violations were logged.

Release : 16.0

There is an ICSF parameter setting called CHECKAUTH in the CSFPRMxx member in SYS1.PARMLIB. This must be set to CHECKAUTH(YES) in order for SAF calls to be issued for the ICSF panels.