Every access or action shall be accounted to a user, entity, or organization, to keep track of roles or to attribute the responsibility in case of problems. [1]