{
  "risk_id": "R-AC-1",
  "grouping": "Access Control",
  "name": "Inability to maintain individual accountability",
  "description": "The inability to maintain accountability (e.g., asset ownership, non-repudiation of actions or inactions, etc.).",
  "nist_csf_function": "Protect"
}