All parties having authorised access to the system should be held accountable for their actions.
namespace
SABSA
stereotype
RiskAttribute
softMetric
Independent audit and review against Security Architecture Capability Maturity Model with respect to the ability to hold accountable all authorised parties