SABSA - Security Architecture for TOGAF

Industry Standard Security Architecture Framework

Framework Partners

SABSA Logo Conexiam recommends SABSA as the starting-point for security architecture. Conexiam’s staff were key contributors to the SABSA/TOGAF White Paper, which recommended the integration of TOGAF and SABSA as leading best practice to secure all architectures.

Dave Hornford serves on The SABSA Institute Board of Trustees


The SABSA Model At the heart of the SABSA method is the SABSA Model, a top-down approach that drives the SABSA Development Process. This process analyses the business requirements at the outset, and creates a chain of traceability through the SABSA Lifecycle phases of ‘Strategy & Planning’, ‘Design’, ‘Implement’ and ongoing ‘Manage and Measure’ to ensure preservation of the business mandate. Framework tools created from practical experience, including the SABSA Matrix and the SABSA Business Attributes Profile, further support the whole method.

Ready to find out more?

Drop us a line today for a free quote!

SABSA / TOGAF Guide part of TOGAF 9.2 Body of Knowledge

sabsa framework
sabsa certification
sabsa security architecture
what is sabsa
sabsa model
sabsa matrix
sabsa certification cost
sabsa certification value
sabsa architecture model
sabsa layers
sabsa case study
sabsa framework and methodology
sabsa security architecture framework
sabsa blue book
sabsa lifecycle
sabsa architecture framework
enterprise security architecture based on sabsa
sabsa foundation training
sabsa foundation course
sabsa architecture
sabsa enterprise security architecture
sabsa foundation training course
what does sabsa stand for
what is sabsa framework
sabsa framework is commonly represented as sabsa matrix
why use sabsa
sabsa attribute taxonomy
sabsa templates
sabsa zertifizierung
sabsa worth it
sabsa risk management
wat is sabsa
firebrand sabsa
sabsa taxonomy
sabsa threat modelling
sabsa security architecture approach
sabsa cissp
sabsa attributes taxonomy
sabsa esa
sabsa business drivers
sabsa governance model
sabsa security domain model
sabsa overview
sabsa risk management process
sabsa world congress

Expect Failure

TOGAF vs. SABSA merging the techniques

If you take nothing else away, Business Attributes Profiling are the most powerful tool for creating translated, standardised and ‘normalised’ set of business requirements.

Like other excellent reference tools, the taxonomy provides a checklist of possibility. Instead of brainstorming from a blank piece of paper, you can start with a standard list. Spend your time on analysis. Decide whether a given attribute should be included. Once included, identify the metrics that that explain performance targets.

TOGAF vs. SABSA Next Steps

Start with the SABSA whitepaper. It will provide a solid introduction to SABSA. Once you are comfortable with SABSA, look at Integrating Risk & Security within Enterprise ArchitectureIntegrating Risk & Security provides the core guidance of tying a SABSA-based approach for Security Architecture with best-practice Enterprise Architecture.

TOGAF considers security architecture is a cross-cutting domain. Every domain has risk and security aspects.

TOGAF, SABSA & Navigate

We integrated SABSA's risk model and the Business Attributes Profile techniques into Conexiam Navigate.

SABSA & Navigate Content Framework

Complete call out

The SABSA Institute

When linking to agile software development, the same question is asked, what they should the team assist in answering. Some of the alignment is driven by what the enterprise architecture team is designed to support.

  1. defining the agile approach
  2. guiding the backlog in sprint
  3. constraining the sprints
  4. solving for cross product dependency

Next call out heading

Next call-out

Ready to find out more?

Drop us a line today for a free quote!

Develop your Enterprise Architecture Team

Developing your EA Team is a deliberate process.

Design your EA Team to succeed. We suspect you don't have that much time.

Develop your EA Team

Developing a successful EA Team is deliberate. Developing your team means aligning it for success.

It does not matter which path you take, you will do the same three things:

  1. Improve your architect's skills
  2. Develop your enterprise architecture method
  3. Enhance your organization's use of architecture

We were so confident of our Conexiam Predictable EA we put it through peer review. The Open Group published our approach in the Leader's Guide to developing EA Teams, and the Practitioners' Guide to delivering architecture.

We help with three paths to developing your EA team

>> Decide on your path to a successful EA Team

Develop your EA Team

Steps to build EA Teams

First - The Embarrassing Question

Are you being re-stood up or re-booted?

Developing a re-boot is completely different. You need to know why. How did your predecessor fail? What is need this time?

Second - Boundary of your Enterprise

What is the Enterprise you will Architect?

Know your scope. Everything? A department? The core supply chain?

Third - The EA Team's purpose

What questions do you answer?

Do you serve Strategy, Portfolio, Project Delivery, or Solution Delivery? You get a primary & secondary. Failure patterns abound.

>> Read more about 3 steps to build an EA team

We would love to hear from you.

We develop successful Enterprise Architecture Teams

Developing your EA Team is a deliberate process. Random activity will not create a working complex system in your lifetime. We suspect you don't have that much time.

Design your EA Team to succeed.


Please enter your name.
Please enter a message.
Scroll to Top