SABSA as a framework for security architecture has existed since the 1990s. It is only in the past few years that SABSA has emerged as a known entity in the business. TOGAF does have a security component within the architecture framework, but it is more of an add-on to the existing guidance. SABSA is aimed fully at creating and maintaining a security architecture.
We'll discuss frameworks around business requirements, risk and opportunity management, policy architecture, security services-oriented architecture, governance and secure domains. SABSA is developed and maintained by the SABSA Institute and a a review of the framework from multiple levels can help us gain and develop the knowledge needed for practical SABSA security architecture development and implementation.
Learning Objectives:
Understand the benefits of having a well designed security architecture in place, as well as the requirements for developing such a security architecture.
See SABSA as a series of integrated frameworks, models, methods and processes for developing a security architecture, and how these individual frameworks integrate with other frameworks to create a mature security organization in a business.
Understand the various layers within SABSA and the steps within them, including the various documents needed for each of these layers.
