Vulnerability Discussion
If security personnel are not notified immediately upon storage volume utilization reaching 75 percent, they are unable to plan for storage capacity expansion.
Check
If the Mainframe Product uses MVS System Management Facility (SMF) recording or external security manager (ESM) log files for auditing purposes, this is not applicable.
Examine the Mainframe Product installation and configuration auditing settings.
If the installation and/or configuration setting for auditing do not provide an immediate warning to the system programmer and security administrator (at a minimum) when allocated audit record storage volume reaches 75 percent of repository maximum audit record storage capacity, this is a finding.
Fix
Configure the Mainframe Product installation and configuration settings for auditing to provide an immediate warning to the system programmer and security administrator (at a minimum) when allocated audit record storage volume reaches 75 percent of repository maximum audit record storage capacity.