3.4.4 Operating in an Accountable Manner
This phase covers the support, management, and day-to-day operations. For the purposes of accountability, it focuses on two aspects:
- Operate the system as intended:
- Gather and report on accountability and risk treatment metrics, and keep the dashboards updated.
- Communicate with stakeholders as intended.
- Ensure that the collection of evidence is performed as intended.
- Ensure that all logs are effectively backed-up and are protected against tampering.
- More generally, ensure that all solution-specific processes and associated organisation-level processes are used and are operating with the intended effectiveness. This is also applicable to all processes related to 3rd parties.
- Look for signs of unexpected issues:
- Continuously monitor the system, the operating environment, and the ecosystem for signs of incident, breach or significant change. Activate the exception handling processes as required.
← 3.4.3 Provisioning for Accountability - Analyse and Design
up
3.5 Accountability Control Framework Alternative for SME →
Download the preliminary release of the Cloud Accountability Reference Architecture and the relevant A4Cloud Toolkit.
