ACF2 has internal code to validate the TSO proc of users with a type code of TPR. The following bit field on the ACF2 logonid record turns on user validation:
Indicates that CA ACF2 validates the TSO procedure name of a user. You must create a resource rule with a type code of TPR and a $KEY of the procedure name so that CA ACF2 performs this validation. (Bit field)
So write a rule like this:
CHANGE INFODIR TYPES(R-RTPR) ADD
Then add VLD-PROC to users that you want to be checked. If you want this for all TSO users, you could do this:
CHANGE UID(-) IF(TSO) VLD-PROC
After you do this, every TSO logon will cut an SMF record that can be viewed on the ACFRPTRV report with a resource like this: RTPR-tsoproc and the user that made that call happen.