Interop Req 8

From IDESG Wiki
Jump to: navigation, search

<< Back to Baseline Functional Requirements Index

INTEROP-8. ACCOUNTABILITY

Entities MUST be accountable for conformance to the IDESG Baseline Requirements, by providing mechanisms for auditing, validation, and verification.

SUPPLEMENTAL GUIDANCE

By the term “mechanism” it is intended there is a means to support a determination of compliance with these Requirements. This means may be through documented policy, audit, direct observation, or other means to support a determination of compliance. This Requirement does not intend that the means is provided publicly, just that it is available to the service provider for the determination of compliance and may be examined independently when appropriate.

REFERENCES

Reference for “accountability” requirements: ISO/IEC 29100 (2011) Privacy Framework, Section 5.10 Accountability, http://standards.iso.org/ittf/PubliclyAvailableStandards/index.html

APPLIES TO ACTIVITIES

REGISTRATION, CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION

KEYWORDS

AUDIT, COMPLIANCE, INTEROPERABILITY, POLICIES, VALIDATION



Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |