I have noticed over the last few months that there are PTFs being released that deal with TAMz. My question is this : If our security group is not actively using the TAMz functions, is there any potential harm in putting the PTFs on the system ? Will they actually enable something that we may not be prepared for ?
You can apply the PTFs that deal with TAMz even though you are not actively using the TAMz functions. It won't enable anything you may not be prepared for. TAMz is an extra cost product that works with TSS and ACF2 to manage privileged IDs on the mainframe and effectively audit the use of privileged access. With permissions in place, authorized personnel can elevate access permissions to resolve emergencies or solve critical business needs immediately. TAMz would need to be installed and configured before it can be used.
If any of the PTFs being applied are PE'd, you should also apply the correcting fixes for each.