So how does an architectural approach help me?

SABSA® is a methodology for developing risk-driven enterprise information security and information assurance architectures and for delivering security infrastructure solutions that support critical business initiatives. It is an open standard, comprising a number of frameworks, models, methods and processes. It also provides two-way traceability, simply defined as “Doing the right thing” versus “Doing the thing right


Managing Complexity

Managing complexity is achieved by addressing the architectural requirements in layers. The uppermost layer is pure business (contextual) and as the layers become more technical in nature, more detail is elicited.

This approach allows flexible and justifiable architecture stacks to be built to aid in the decision making process

Building in Layers

Each layer represents the view of a different player in the process of specifying designing, constructing and using the infrastructure.

Using a layered approach results in focus at the deliverable at that layer which reduces overall ‘noise’ in the development process.

Layers allows the development of dashboards, frameworks, policies, designs and tools in a coherent, justified manner.


More information can be found at The SABSA Web Page