z/OS AND RACF ATTENTION AREAS

RACF settings

    SAF router table ICHRFR01 and CDT xref
    RACF Authorized Caller Table ICHAUTAB
    RACF Range Table ICHRRNG
    RACF Data Set Name Table ICHRDSNT
    Class Descriptor Table
    Global Profile overview
    Trusted users
    System Authorizations
    Group Authorizations
    Shared UNIX uids and gids
    UNIX ids used in the HFS, but not to RACF
    Exceptional Password Interval
    Expired Password
    Initial Password
    Password Age
    Failed Logon Attempts
    Never Used Userids
    Inactive Userids
    Last Logon Date

RACF Resource Profile Audit Concerns

    Sensitive Data Trustees
    Sensitive Data by Profile
    Entity and segment summaries
    Authorized Programs
    Program Access to Data Sets
    Started Task protection
    Started Procedure Table and Started Class
    Globally writable data
    Undefined users and groups
    Redundant permits to userids
    Check USER, GROUP and CONNECT
    Report Group hierarchy
    Userids with trivial passwords
    Datasets not protected by a RACF profile
    Datasets defined by discrete profiles exist
    Generic profile has matching datasets
    Discrete profiles for RACF-indicated datasets
    Check that procedures can indeed be started
    TSO users outside RACF / TSO segment

z/OS system settings

    IPL parameters
    SMF Parameters
    SMF Subsystem settings
    Subsystem
    Virtual Storage Overview
    Virtual Storage Writable
    MPF
    JES2 Job Classes
    Consoles
    Program Property Table
    Sensitive Data Set
    Supervisor Call
    Program Call
    I/O Appendage
    DMS setting
    Exits and tables
    DASD volumes
    Effective UNIX mount points