If you run CICS as a started task, associate the cataloged procedure name with a suitably authorized RACF user through the RACF table, ICHRIN03. RACF supplies a default ICHRIN03 table, which you can modify. See the z/OS Security Server RACF System Programmer's Guide for more information about this table, and how you can add the default entry for the cataloged procedure name for starting CICS.
If your ICHRIN03 table contains the default entry, you need not update the table; but define a RACF user with the same name as the cataloged procedure.
If your ICHRIN03 table does not contain the default entry (or you choose not to set the default entry), update the table with an entry that contains the cataloged procedure name and its associated RACF user. This RACF user need not have the same name as the cataloged procedure.
Whether your ICHRIN03 table contains the default entry or a specific entry you have defined, ensure that the RACF user identified through ICHRIN03 has the necessary access authority to the data sets in the cataloged procedure.
For example, if you associate a cataloged procedure called DFHCICS with the RACF userid CICSR, the userid CICSR needs to have access to the CICS resources accessed by the task started by DFHCICS.