Work with Key Officers (WRKKEYOFR)

Key Officers are those users that are authorized to create and manage Master Encryption Keys (MEKs), Key Stores, Data Encryption Keys (DEKs) and the Field Encryption Registry.

The WRKKEYOFR command allows an organization to work with the key officers within the Symmetric Key environment.

The Key Officers and their authority settings are stored in the CRYPTO library by default. These settings are encrypted with the Product Encryption Key (PEK).

NOTE: A user does not need to be a Key Officer to encrypt and decrypt data.

The following users can use this command:

QSECOFR user profile
A user profile with *SECADM authority
A Key Officer that has a *YES specified for the “Maintain key officers” authority setting

How to Get There

From the Key Policy and Security Menu, choose option 10, Work with Key Officers. Or, execute the command CRYPTO/WRKKEYOFR.

Options

For each Key Officer listed on the screen, you can use one of the following options.

2=Change

Displays a prompt to change the authority settings for the Key Officer using the CHGKEYOFR command.

4=Remove

Displays a prompt to confirm the removal of the Key Officer using the RMVKEYOFR command.

5=Display

Displays the current authority settings for the Key Officer using the DSPKEYOFR command.

Function Keys

F3 (Exit): Exits the screen.
F5 (Refresh): Refreshes the list of Key Officers.
F6 (Add): Displays a prompt to add a new Key Officer using the ADDKEYOFR command.
F12 (Cancel): Cancel the current screen and go to the previous screen.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
4.0 | 202307100156 | July 2023