TOGAF and SABSA Integration Guide was written by the SABSA Institute and the Open Group's Architecture Forum. This work looked at the world's leading Security Architecture method and TOGAF to ensure that leading enterprise architects could follow industry best practice. The work found that TOGAF's essential scaffolding aligned with best-practice security architecture.

Too often architects have bolted security into other architecture. This is clearly not best practice. The vision of this work is to support enterprise architects who need to take operational risk management into account. This guide describes how SABSA can best be used while developing an enterprise architecture. Unlike regarding security as a separate product, this paper gives a practical approach that makes the SABSA security requirements and services available as common TOGAF artifacts.

You should adopt these best practices.

TOGAF and SABSA Integration for Security Architecture & Risk Management

TOGAF and SABSA integration provides specialized techniques like SABSA business risk and opportunity-driven security architecture approach can be seamlessly integrated into the TOGAF business strategy-driven approach to develop a richer, more complete enterprise architecture.Enterprise Architecture requires you to understand the real-world. The purpose is deliberate change. In a modern digital world, Information Security Management is mandatory. Risk is the effect of uncertainty on meeting objectives. Risk management is managing uncertainty of meeting objectives.

Nothing is more important in developing an architecture for deliberate change than removing uncertainty
Integrating Risk and Security with TOGAF brings risk and security practice to enterprise architecture

The SABSA Institute and the Open Group jointly developed the TOGAF and SABSA Integration Guide. The Open Group's Architecture Forum brought best-practices and TOGAF's essential scaffolding. The SABSA Institute brough best-practice Security Architecture and Enterprise Risk Management focus on benefit realization.

SABSA Institute

The SABSA Institute develops and publishes SABSA. The SABSA Institute envisions a global business world of the future, leveraging the power of digital technologies, enabled in the management of information risk, information assurance and information security through the adoption of SABSA as the framework and method of first choice for commercial, industrial, educational, government, military and charitable enterprises, regardless of industry sector, nationality, size or socio-economic status, and leading to enhancements in social well-being and economic success.

Navigate, TOGAF, and SABSA Integration

TOGAF and SABSA Integration Guide follows Conexiam's best practice of integrating method, tool, and technique. Instead of a simplistic merging, we align the concepts. SABSA provides a detailed method for developing security architecture. Following the model outlined in Using Reference Architectures for Digital Transformation, we align concepts. We leave best practice method unchanged. Conexiam consulting recommends for formal SABSA certification. SABSA provides industry leading best-practice to TOGAF's essential scaffolding. In fact, we integrated SABSA's risk model and the Business Attributes Profile techniques into Conexiam Navigate.

What happens next

The TOGAF and SABSA Integration guide is also available from The SABSA Institute and The Open Group.

1. You will get an email with a download link for the TOGAF and SABSA Integration Guide. The link is valid for 15 minutes. If it expires, please re-request.
2. We will add you to an email list that focuses on Security Architecture. The list gets new free content assisting building Security Architecture within your Enterprise Architecture.
   You are free to skip joining the list.
3. You will get an invitation to join our free EA Community.
   • Regular free EA professional development webinars
   • Free downloads, including Conexiam Navigate
   • Free recorded Enterprise Architecture development training
   • Limited time access to Practical EA & Predictable EA material