Module 1: Role of accountable authority

The accountable authority has determined the entity's tolerance for and management of security risks (as documented in the entity security plan).
The accountable authority has considered the implications that it's risk management decisions have for other entities and shared information where appropriate (as documented in the entity security plan).
For lead security entities, the entity, on behalf of the accountable authority, provided other entities with advice, guidance and services related to government security to help other entities achieve and maintain an acceptable level of security.
For lead security entities, responsibilities and accountabilities for partnerships or security arrangements with other entities have been established and documented.
Any decision to vary the application of a PSPF requirement was made: by the accountable authority; in exceptional circumstances; for a limited period of time; and consistent with the entity's risk tolerance.