When a CICS® business transaction services (BTS) process or activity is activated by a RUN command, it may run under a different userid from that of the transaction that issues the RUN.
The application programmer can specify under whose authority a process or activity is to run, when it is activated by a RUN command, by coding the USERID option of the DEFINE PROCESS or DEFINE ACTIVITY command. If the USERID option is omitted, the value defaults to the userid of the transaction that issues the DEFINE command.
If the USERID option is specified, CICS performs (at define time) a surrogate security check to verify that the userid of the transaction that issued the DEFINE command is authorized to use the userid specified by USERID.