You are looking to secure MIM with your external security product (Top Secret, ACF2, RACF) and wondering what libraries MIM may require for update and those that are read only. 

1. Is there ever an occurrence of the MIM program library (loadlib) being updated by any component of MIM (STCs, etc.)?
2. Is there any documentation that provides specific guidance in securing MIM?
3. In the absence of any documentation, have you any recommendations that could provide some guidance?

1. In response to the question, the simple answer is NO. The MIM load library would only be updated when a systems programmer installs maintenance/PTFs, and not by any running process.
   
   
2. In regards to what we may already document, I would refer to the following sections of the MIM documentation.
   • Address Security Requirements (Installer Requirements)
   • Grant Data Set Access (Configuration for Execution)
     
     
3. General recommendations for guidance...

Below are a list of possible files updated by the MIM and MIMQUERY address spaces:

MIM:
STEPLIB  DD - READ (DASD dataset)
MIMCKPxx DD - READ/WRITE (DASD dataset)
MIMRMFIL DD - READ/WRITE (DASD dataset)
MIMPARMS DD - READ (DASD dataset)
MIMLOG   DD - WRITE (DASD dataset or SYSOUT)
MIMTRC   DD - WRITE (DASD dataset or SYSOUT)
MIMTBLxx DD - READ/WRITE (DASD dataset or list structure)

MIMQUERY:
STEPLIB  DD - READ (DASD dataset)
CASVPARM DD - READ (DASD dataset)
MSGLOG   DD - WRITE (DASD dataset or SYSOUT)
TRACE    DD - WRITE (DASD dataset or SYSOUT)