• exceptionReporter offers significantly more robust security monitoring, reporting and compliance assurance by offering user customizable exception based reporting. Using a traffic light overview focuses attention by exception analysis. A suite of over sixty automatically generated reports yields an 80% reduction in the time to detect and monitor arising security issues.

  • Business Objective

    RSM exceptionReporter enables enterprise Risk and Compliance functions to champion proactive mainframe security management strategies. By focusing attention on exception analysis, the suite of over sixty automated reports provided by RSM solutions have yielded an eighty percent reduction in the time to detect and monitor ongoing security issues.

    Based on over 400+ years of mainframe security experience and expertise, RSM exceptionReporter delivers best practice compliance / exception monitoring and reporting, while obviating the need to engage costly, expert resources or ongoing, internal maintenance overheads.


  • RSM Partners Solution

    Pan-enterprise, automated reporting of any exceptions arising against Group or site specific Security Policy

    Configurable emailed reports illustrating easy to spot key issues via colour coding (RAG) schema

    Daily / weekly / monthly spreadsheet reports, generated and delivered to various individual / role / function requirements

    Generated on the mainframe and sent daily as an email with zip attachment


    IBM Security zSecure audit module is a pre-requisite for exceptionReporter.


    Yes, you require zSecure Admin+Audit

    Yes, it reports on exceptions, all in one place, thus reducing headcount requirements.

    No, we have done all the development for you. All you need to do is initial configuration to define your exceptions. We can help you with this.

    You could, but it took 1,500+ hours of development and requires subject matter experts that are the best in the business, and would require a headcount of 2-3 developers and RACF/zSecure Subject Matter Experts to develop and support.

    Many of our customers struggle to cope with the number of daily security reports, and the volume of data within them. exceptionReporter reduces this problem by only showing exceptions, all in one centralized place.

    We are not aware of any similar products.

    zSecure Admin/Audit provide excellent tools for security reporting, but users need to be highly proficient in CARLa coding and experienced in RACF to produce meaningful reports. With exceptionReporter, RSM has done all the hard work for you and all report data is in one concise report, available as a drill-down spreadsheet.

    exceptionReporter is very flexible. It can be customized to produce a subset of reports. You could, for example, send the full set to the security engineering team, and a subset of say six reports of interest to a user department.

    You can use a standard job scheduling system to schedule the jobs. You can also run them ad-hoc.

    zSecure Admin provides an ISPF interface to RACF commands and RACF profiles, with the ability to create CARLa reports to report on the contents of the RACF database. Functions are available to clone RACF profiles, search the RACF DB, Mass delete profiles, etc. zSecure Audit provides anISPF interface to audit functionality for RACF and z/OS, with the ability to create CARLa reports to report on any audit issues found. Also, an ISPF interface to READ SMF data, with the ability to create CARLa reports to report on those SMF records. The key words here are with the ability to create CARLa reports.. IBMs zSecure suite is a very useful set of tools, but not a complete solution.

    RSM has a strong reputation for knowledge in the mainframe security space and on several occasions we have been retained by clients to write the necessary CARLa code to generate various required security reporting. exceptionREPORTER aims to embody what we believe tobe allthe key controls in a RACF and z/OS environment.

    exceptionReporter leverages RSM's 100s of man years experience in mainframe security and zSecure.

    exceptionReportersaves clients the time and effort necessary in creating their own CARLa based security reporting. If a client were to try and create and maintain a suite of reports similar to exceptionReporter, they would be looking in excess of 150 days development effort and most likely 30-50 days per annum in maintenance and checking. Add to this that we deliver reporting in a consolidated, exception based view based on a simple to read traffic light system making issues very easy and quick to spot.

    RSM keeps the reporting delivered by exceptionReporter in sync with the latestzSecure updates.We also add new reports when RACF and z/OS are changed and create appropriate new reports when any new legislation is announced. Add tothis thatRSM is continually looking at what we believe best practices to be, as the need for certain security controls and reporting changes as time passes.

    You require a license for each SMF ID/LPAR you wish exceptionReporter to monitor and provide reporting on.

    exceptionReporter is for monitoring exceptions on a daily basis, and provides an audit trail. zDetect is a real time monitor that detects threats in real-time. zDetect also delivers intelligent data to SIEM systems such as Splunk and Correlog. exceptionReporter reports can be viewed through zDetect.

    zDetect is designed to immediately show potential threats and attacks, whereas exceptionReporter is used to simplify monitoring and reduce the number of reports that need reviewing on a daily basis.

    To request a download of this software or to raise a question, please complete the following details:

  • Download the exceptionReporter overview datasheet


  • Watch the exceptionReporter software video


  • Download the exceptionReporter demo software