The FREE Cybersecurity Glossary by Thor Pedersen!

Accountable Party: The individual or entity that is ultimately responsible for ensuring that activities involving sensitive information, security processes, or risk management practices are carried out properly and in line with organizational policies and standards. The accountable party is answerable for the outcomes of the decisions made, including the implementation of controls and mitigation of risks, and is typically a senior executive or manager who has the authority to commit resources and enforce actions. This role involves oversight and governance and is distinct from the roles of individuals who may be responsible for performing the day-to-day tasks associated with these activities.

Account access review: The process of regularly reviewing and assessing the access granted to user accounts on a system or network. It is used to ensure that access is appropriate and in line with the user's current roles and responsibilities and to identify and remove any unnecessary or unused access. Examples of account access reviews include reviewing access to shared resources, such as files and databases, and assessing the need for access to specific applications or systems.

Account Lockout: A security measure that automatically locks an account after a certain number of failed login attempts. It is used to prevent unauthorized access to an account and is commonly found in password policies. Examples - A user tries to log in to their email account and enters the wrong password 5 times, causing the account to be locked. An employee attempts to access a secure database but forgets their password, resulting in their account being locked after 3 failed attempts.

Account management: The process of creating, maintaining, and managing user accounts on a system or network. It is used to ensure that only authorized users have access to the system and that access is granted and revoked in a controlled and secure manner. Examples of account management include setting up new user accounts, modifying existing accounts, and disabling accounts when necessary.

Account Policy Enforcement: The implementation and enforcement of rules and procedures that govern how user accounts are managed within a system. This includes policies on password complexity, account lockouts, session timeouts, and user access rights. Enforcing account policies helps maintain system security, protect user data, prevent unauthorized access, and ensure regulatory compliance.

Accreditation: The official recognition that a system, product, or individual meets specified requirements or standards. For a system or product, this might involve a thorough assessment of its security features, performance, and reliability. For an individual, it could mean they have demonstrated a certain level of expertise or competence. Accreditation enhances trustworthiness, promotes quality and Consistency, and provides a benchmark for comparison.