Video Library

Video Resources for Business and IT Transformation Pros

Check out our videos, testimonials, and success stories to help you become a business transformation genius

Video Library

Governance

What is SABSA

what-is-sabsa

What is SABSA?

SABSA stands for the Sherwood Applied Business Security Architecture, and is the leading methodology for developing business operational risk-based architectures.

It provides a framework for developing risk driven enterprise information security and information assurance architectures. It also helps deliver security infrastructure solutions that support critical business initiatives.

The SABSA methodology provides guidance for aligning architecture with business value. It also addresses a critical need for greater integration between security and enterprise architectures within organizations.

With SABSA, organizations can achieve that important risk/reward balance, using a range of frameworks, models, methods and processes to manage risk and measure performance.

 The SABSA Model is the key to this and covers the whole lifecycle of operational capabilities.

The SABSA Model has six layers:

  • The Contextual
  • Conceptual
  • Logical
  • Physical
  • And Component Architectures

The Security Service Management Architecture is placed vertically across all layers to ensure it covers any issues arising from the other five layers.

Each of the layers of the architecture model is also supported by a vertical analysis based on six key questions: What, Why, How, Who, Where, When? This is represented in the SABSA Master Matrix.

The SABSA framework is flexible, scalable, and applicable to any industry sector. And rather than replacing other risk-based standards, it can also be combined with other standards such as TOGAF, ITIL and COBIT to create an integrated compliance framework.

SABSA provides organizations with an enterprise operational risk management architecture that can be completely tailored to a specific business model.

Learn more about how SABSA can help you improve your organization’s security architecture capability by booking your short consultation today. 

Governance RIsk and Compliance Video