Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
IBM Hardware Management Console (HMC) Policies Security Technical Implementation Guide
Profiles
III - Administrative Sensitive
III - Administrative Sensitive
An XCCDF Profile
Details
Items
Prose
4 rules organized in 4 groups
SRG-OS-000360-GPOS-00147
1 Rule
<GroupDescription></GroupDescription>
Initial Program Load (IPL) Procedures must exists for each partition defined to the system.
Low Severity
<VulnDiscussion>If procedures for performing IPLs are not in place, it is extremely difficult to ensure overall operating system integrity.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
SRG-OS-000360-GPOS-00147
1 Rule
<GroupDescription></GroupDescription>
Power On Reset (POR) Procedures must be documented for each system.
Low Severity
<VulnDiscussion>If procedures for performing PORs are not in place, it is extremely difficult to ensure overall operating system integrity</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
SRG-OS-000360-GPOS-00147
1 Rule
<GroupDescription></GroupDescription>
System shutdown procedures documentation must exist for each partition defined to the system.
Low Severity
<VulnDiscussion>If procedures for performing system shutdowns are not in place, it is extremely difficult to ensure overall data and operating system integrity.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
SRG-OS-000360-GPOS-00147
1 Rule
<GroupDescription></GroupDescription>
Backup of critical data for the HMC and its components must be documented and tracked
Medium Severity
<VulnDiscussion>If procedures for performing backup and recovery of critical data for the HMC is not in place, system recoverability may be jeopardized and overall security compromised.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>