What is SABSA?

A definition of SABSA - the Sherwood Applied Business Security Architecture

Book a Demo

SABSA stands for the Sherwood Applied Business Security Architecture. It provides a framework for developing risk-driven enterprise information security and information assurance architectures. It also aids in delivering security infrastructure solutions that support critical business initiatives. 


Watch the Video


The main feature of the SABSA model is deriving everything from an analysis of the business requirements for security, especially those in which security has an enabling function through which new business opportunities can be developed and exploited.

The SABSA model covers the whole lifecycle of operational capabilities and is made up of six layers. Starting from the top level and going through lower ones, these are: contextual architecture, conceptual architecture, logical architecture, physical architecture, component architecture and service management architecture. The sixth layer, the service management layer, is overlaid on the other five layers and further vertically analyzed to produce the five-by-six cell SABSA Service Management Matrix.

The SABSA methodology provides guidance for aligning architecture with business value, in addition to addressing a critical need for greater integration between security and enterprise architectures within organizations. It is used in sectors as diverse as banking, nuclear power, communications technology, information services, manufacturing, homeless management and government.

SABSA key facts:

  • Open standard, generic, and vendor neutral
  • Owned, governed, protected and maintained by the SABSA Institute
  • The framework is scalable and can be used by any industry or organization
  • Designed for the development of security architectures and solutions
  • Integrates with TOGAF, ITIL, and COBIT, as well as other governance, compliance and audit frameworks

Learn how SABSA can help you improve your organization’s security architecture activities.