Guardium for DS agent needs to be enhanced to only monitor user’s activity when their privileges are elevated.
Trusted Access Manager for z and RACF (TAMz on ACF2, TAMR on RACF) are the products used. They are Broadcom products and work by manipulating a user’s Accessor Environment Element (which dictates your security environment). They add a “rider” on to the ACEE to hold additional entitlements – be it an alternate UID string/privileges/roles in ACF2 or groups/privileges in RACF. First your normal access is checked and if no access is found then this additional “rider” is checked to see if that provides access. If so, the access is allowed but the access is flagged as elevated access on the associated SMF record.
Do not place IBM confidential, company confidential, or personal information into any field.