Accountability in a more classical structure

Is…

  • Who did it?
  • Do we have Non-repudiation?
  • What are legal consequences?
  • How shall we secure the systems?
  • Who is accountable?

Provides:

  • integrity and assurance,
  • authenticity..

Enforced via:

  • audit trails & logs,
  • design, governance and policy,
  • standards*,
  • RACI matrix..

*standards should include [internal] Minimal Security Baseline (MSB) with influences of vendor best practices, external standards, directives, etc.

Leave a Reply

Your email address will not be published. Required fields are marked *