Description

SABSA® is a methodology for developing risk-driven enterprise information security and information assurance architectures and for delivering security infrastructure solutions that support critical business initiatives. It is an open standard, comprising a number of frameworks, models, methods and processes, free for use by all, with no licensing required for end-user organisations who make use of the standard in developing and implementing architectures and solutions.

This is the extended and updated 2009 version of the SABSA White Paper which provides a detailed executive summary and overview of the framework and its benefits and provides a good understanding of why SABSA is fast becoming a world leader with adoption by major government agencies and global corporates in all fields.

At the heart of the SABSA methodology is the SABSA Model, a top-down approach that drives the SABSA Development Process. This process analyses the business requirements at the outset, and creates a chain of traceability through the SABSA Lifecycle phases of ‘Strategy & Planning’, ‘Design’, ‘Implement’ and ongoing ‘Manage and Measure’ to ensure that the business mandate is preserved. Framework tools created from practical experience, including the SABSA Matrix and the SABSA Business Attributes Profile, further support the whole methodology.