📖 What is Accountability?
The ability to trace actions performed on a system back to a specific individual or process, typically through audit logs.
"Without accountability, you can't prove who deleted the database."
📚 Certification: Certified in Cybersecurity (CC)
🔑 What are the Key Concepts of Accountability?
- Accountability relies on robust logging and auditing mechanisms to record events and user actions within a system.
- Non-repudiation is a key component of accountability, ensuring actions cannot be falsely denied by the actor.
- Proper access controls and authentication methods are foundational for establishing clear accountability for system activities.
- Accountability isn't just about identifying *who* did something, but also *when*, *where*, and *how* it was done.
- Regular review of audit logs and security information is crucial to proactively identify and address potential security incidents.
🎯 How does Accountability appear on the CC Exam?
You may be asked to identify the security principle violated when a system lacks sufficient logging to determine the source of a data breach.
A scenario might describe a compliance requirement mandating detailed audit trails for all privileged access – determine which controls support this.
Expect questions about how to implement accountability in a cloud environment, focusing on services that provide audit logging and access tracking.
❓ Frequently Asked Questions
How does accountability relate to responsibility?
Responsibility defines *who* should perform a task, while accountability establishes *who* actually did it so that they can be held answerable for the outcome. They are related but distinct concepts.
Can accountability be achieved without perfect security?
No system is perfectly secure. Accountability focuses on detecting and responding to incidents, even if prevention fails. It's about knowing what happened *after* a breach, not just preventing it.
What types of events should be logged for accountability?
Log all security-relevant events: logins/logouts, access to sensitive data, configuration changes, and system errors. Focus on events that could indicate malicious activity or policy violations.