What is different between this post and the one you posted in the COBOL section which was locked as being an inappropriate methodology?
Anyway, this is the sort of thing that your security people should be able to tell you about.
as said before ( even with a different wording ) a forum is not the appropriate place to ask security related questions.
Looks that somebody in Your organisation forgot to do his/her/its homework
for suggestions on how to proceed
ask Your experts to search the IBM REDBOOKS collection and provide a SECURITY APPROVED way of doing it
( quite a bit of legal involvement,
You would not like to be personally held responsible for security breaches due to a poor implementation )
hint google with IBM REDBOOKS RACF MQ WINDOWS
to get links to documents like
WebSphere MQ Security in an Enterprise Environment -
ibm.com/redbooks. WebSphere MQ Security ..... 4.1.3 Resource access control facility (RACF). .... 4.6 WebSphere MQ security for OS/400, AIX and Windows .