The Problem with Mainframe Audit Reports

Imagine that you are asked to submit to an external audit of your mainframe environment tomorrow. Would the independent auditor come away with no or only minor adverse findings? That’s the goal. And one way to meet that goal is through internal auditing.

Benefits of Internal Audits

Conducting internal audits is a proactive practice that prepares an organization for the event of an external audit. Internal audits, or self-assessments, help ensure that an IT department’s policies and procedures are being followed. They also help organizations identify gaps in their security compliance. Those policy deviations and gaps can be immediately remediated before an independent auditor discovers them—or, for that matter, customers and partners discover them the hard way.

Internal audits are also less disruptive than external audits because the timing of an internal audit can be flexible. Most people groan at the thought of scrambling to prepare for a formal audit, but an internal audit should not be a source of stress. Organizations can schedule them in advance or they can integrate them into the day-to-day steps of a development project. Internal audits can happen during production downtimes, after hours, or whenever it’s convenient for the IT professionals conducting them—as long as the result is that the audit gets done and any discrepancies are resolved before the formal audit takes place.

The Value of an Independent Auditor

Companies that are concerned about their compliance or want to take the responsibility off the hands of their internal talent often opt to hire an outside contractor to perform the internal audit. The contractor is unbiased, knows exactly what to look for, will provide an expert assessment, and can help the organization resolve problems before an external audit occurs.

Companies that have a Security Information and Event Management (SIEM) platform find audits—internal and external—particularly easy to manage. Independent auditors look for documentation or reports that demonstrate that your security and compliance implementation is working. At a touch of a button, SIEM products can produce canned audit reports. With the all-important reporting in hand, an auditor can usually wrap things up with a few additional questions and then you’re done. If you’ve been creating these instant reports all along, you already know that there won’t be any red flags.

Acing Your Mainframe Audit

Not every company with a SIEM has integrated their mainframe into the platform. What is a simple push-button task for their operating systems suddenly, with the mainframe, becomes a development project. Someone from the team will need to be pulled from their regular projects to write and run reports and then deliver them to the independent auditor. The process can be particularly drawn out if the person has other mission-critical work to do at the same time.

So what’s the solution to this audit time crunch? Integrate your mainframe into your SIEM platform. And that’s where InfoSec comes in.

Think about it: when you need to schedule an audit for your mainframe and you don’t have SIEM integration, your busy IT professionals have to drop everything, switch gears, and start working feverishly on creating and writing reports. Workflow is interrupted and it’s a net loss of time and revenue for the entire length of the audit.

But when you have a SIEM platform that integrates with your mainframe, suddenly audits become straightforward. Your mainframe logs and events can be accessed as quickly and easily as you access any other information through SIEM. You can push a button and generate a PCI report —or whatever is needed—because all the data is already there when you need it. You can quickly generate a report for the auditor with no lost productivity for your organization. And all it requires is integrating your mainframe to tools that you already have and putting them to maximum use.

The payoff from that initial investment in integrating your mainframe into your SIEM platform will become apparent after your first audit. With a solid plan of scheduled self-assessments and armed with the right resources for your IT department, audits can actually be informative and helpful rather than disruptive and stressful.