the right way of doing such a thing depends on many factors !
Auditing practices of Your IT shop
Security level of the data contained in the report
Privacy concerns about forging a userid
It might be ok to pass it as a parm if the abovesaid requirements are loose
You could submit the job coding
>>> //...................,parm='some other userid'
and the people looking at the report would hold 'some other userid' responsible for it.
If Your organization require stricter rules then You should ask Your support people to guide You in getting the real userid for the RACF control blocks