SAF-controlled auditing without SYS1.PARMLIB

You need to define an enabling SAF facility profile as described below:

Define SAF facility profile
FILEM.SAFAUDIT.CICS
and ensure that all ZDT/CICS users to be audited have at least read access to that facility. See the example below.

Example

User PROD2 to have SAF-rule controlled auditing without using SYS1.PARMLIB.

Write this RACF® rule:

RDEF FACILITY FILEM.SAFAUDIT.CICS AUDIT(NONE) UACC(NONE) OWNER(ownerid)
PE FILEM.SAFAUDIT.CICS ACC(READ) ID(PROD2) CLASS(FACILITY)

If you use this method and intend to write audit records to SMF, the required SMF number is specified in the HFM3POPT module. See Customizing Z Data Tools to write audit records to SMF.