Jobs submitted from CICS® to the JES internal reader without the USER operand being specified on the JOB statement run under the CICS region user ID. These jobs have the access authorities of the CICS region itself, and so could potentially expose other data sets in the MVS™ system.
RDEFINE PROPCNTL CICS1
SETROPTS CLASSACT(PROPCNTL) RACLIST(PROPCNTL)
SETROPTS RACLIST(PROPCNTL) REFRESH
You (or the RACF security administrator) must issue the SETROPTS command to refresh these profiles. Issuing the CICS PERFORM SECURITY REBUILD command does not affect the PROPCNTL class.