SABSA stands for the Sherwood Applied Business Security Architecture. It provides a framework for developing risk-driven enterprise information security and information assurance architectures. It also aids in delivering security infrastructure solutions that support critical business initiatives.
Watch the Video
The main feature of the SABSA model is deriving everything from an analysis of the business requirements for security, especially those in which security has an enabling function through which new business opportunities can be developed and exploited.
The SABSA model covers the whole lifecycle of operational capabilities and is made up of six layers. Starting from the top level and going through lower ones, these are: contextual architecture, conceptual architecture, logical architecture, physical architecture, component architecture and service management architecture. The sixth layer, the service management layer, is overlaid on the other five layers and further vertically analyzed to produce the five-by-six cell SABSA Service Management Matrix.
The SABSA methodology provides guidance for aligning architecture with business value, in addition to addressing a critical need for greater integration between security and enterprise architectures within organizations. It is used in sectors as diverse as banking, nuclear power, communications technology, information services, manufacturing, homeless management and government.
SABSA key facts: