CICS is one of the most used and useful transaction processing systems in the world.  It was first released shortly before the Apollo 11 landing, and like that historic event, it was one small step for software, one giant leap for business productivity.  However, it’s a very difficult system for the uninitiated to navigate, let alone audit.  “CICS Essentials” helps to change that.  While a detailed read, it explains the technobabble and acronymania usually found in IBM documentation into words REAL people can use and understand.  More importantly, it explains where the critical risks are hidden within the CICS-arcana, and how to properly apply good security and control practices without sacrificing operational capabilities.  Once you’ve read it, you can build a good, strong, and workable Audit Program tailored to your company’s (and your company’s applications) specific needs. 

 

As one of the technical reviewers of CICS Essentials, I am proud of my small part in bringing this document to fruition.  However, the real genius of the book can be found in the Herculean efforts of the authors – Julie-Ann Williams, Mike Cairns, Martin Underwood, and Craig Warren – to take the virtually incomprehensible and make it understandable and functional.  I can highly recommend this book to anyone who needs to audit or secure a CICS application.

 

Doc Farmer

Senior Security Specialist

InfoSec, Inc.