The default is LOG.
If logging is in effect, and the terminal user does not have the requested access to the specified resource, message DFHXS1111 is issued to the CICS® security transient data destination CSCS. Where relevant, RACF® message ICH408I is also issued. SMF records may also be recorded, depending on the auditing and logging options that have been specified for that resource. For more information, see the z/OS Security Server RACF Auditor's Guide.
For programming information about CVDAs, refer to CICS System Programming Reference.