What is SABSA?

SABSA stands for the Sherwood Applied Business Security Architecture, a framework for managing enterprise information security

Book a Demo

SABSA Distilled

SABSA stands for the Sherwood Applied Business Security Architecture. It provides a framework for developing risk-driven enterprise information security and information assurance architectures. It also aids in delivering security infrastructure solutions that support critical business initiatives.

The main feature of the SABSA model is deriving everything from an analysis of the business requirements for security, especially those in which security has an enabling function through which new business opportunities can be developed and exploited.

The SABSA model covers the whole lifecycle of operational capabilities and is made up of six layers. Starting from the top level and going through lower ones, these are: contextual architecture, conceptual architecture, logical architecture, physical architecture, component architecture and service management architecture. The sixth layer, the service management layer, is overlaid on the other five layers and further vertically analyzed to produce the five-by-six cell SABSA Service Management Matrix.

The SABSA methodology provides guidance for aligning architecture with business value, in addition to addressing a critical need for greater integration between security and enterprise architectures within organizations. It is used in sectors as diverse as banking, nuclear power, communications technology, information services, manufacturing, homeless management and government.

SABSA key facts:

  • Open standard, generic, and vendor neutral
  • Owned, governed, protected and maintained by the SABSA Institute
  • The framework is scalable and can be used by any industry or organization
  • Designed for the development of security architectures and solutions
  • Integrates with TOGAF, ITIL, and COBIT, as well as other governance, compliance and audit frameworks

Learn how SABSA can help you improve your organization’s security architecture activities.

Title / Statement 


Title / Statement 


Resource download

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.


Are you ready to architect your digital future?


Book a free demonstration of iServer365 to see how it can solve your governance, risk and compliance issues


Discuss your requirements

Please include country code

Receive Updates?

By submitting the form you agree to Orbus Software processing your data and agree to our Terms and Conditions.