What is SABSA?
SABSA is a Security Architecture Framework. It is optimized for comprehensive top-down traceability - from business strategy to technical security controls.
The SABSA model drives the SABSA Development Process that develops the security architecture domain of your enterprise architecture. First, you understand the strategic context creating foundational business requirements. Step-by-step you extend the chain of traceability through the entire security architecture.
The basic questions are answered
- what is being considered
- when is the activity performed
- how is the activity performed
- who performs the activity
- where is the activity performed
Asking the questions top-down ensures you have continually developed architecture specifications. For example, What at the Contextual Layer traces directly to What at the Component Layer.
SABSA's tools were built from practical experience, and work together. Some of the most important include the SABSA Model, the SABSA Business Attributes Profile, the SABSA Risk Model, and the SABSA Domain Model.
Download Business Leader’s Guide to AI
Download Business Leader’s Guide to Artificial Intelligence Organizations that successfully apply innovative technology have had a competitive advantage. Innovative technology does not come with established success patterns and best practices. Innovative technology is novel and […]
Download the Introduction to the TOGAF Standard, 10th Edition
Download Introduction to the TOGAF® Standard, 10th Edition The TOGAF Standard, 10th Edition makes adoption of enterprise architecture best practices easier. It separates the universal concepts from proven best practice. The standard underscore where to […]
Download Capability-based Planning Guide
Download Capability-based Planning Guide Always drive to realize value. Half an improvement is 100% waste! No one teaches an Eagle to crawl, walk, or run. Eagles Fly! Download Teach your Eagles to Fly: Capability-based Planning […]
Download Business Architecture Capability Assessment Guide
Download Business Architecture Capability Assessment Guide Download a Business Architecture Capability Assessment Guide. Capability-based planning is one of the most powerful business architecture improvement techniques. Best practice of capability-based planning uses capability as a management […]
Download Sample Enterprise Architecture Principles
Download Sample Architecture Principles Download a sample enterprise architecture principles. Enterprise Architecture principles identify how to approach a problem or decision. The approach always drives you towards your enduring priorities. Download Sample Enterprise Architecture Principles […]
Download Enterprise Architecture Governance Guide
Download Enterprise Architecture Governance Guide Download the Enterprise Architecture Governance Guide to understand best practice to direct and control the development of architecture, and change to obtain the expected outcomes. Download Enterprise Architecture Governance Guide […]
Download TOGAF and SABSA Integration
Download TOGAF and SABSA Integration Bring SABSA, the world’s best security architecture framework, and TOGAF, the industry standard enterprise architecture framework together. Download TOGAF and SABSA Integration TOGAF and SABSA Integration Includes SABSA uses a […]
Download Enterprise Architecture Capability Reference Architecture
Download Enterprise Architecture Capability Reference Architecture The Enterprise Architecture Capability Reference Architecture will speed up establishing and enhancing your EA Team. Design your Enterprise Architecture Team for success. Identify and enhance the your enterprise architecture […]
Download Agile Enterprise Architecture Report
Download the Agile Enterprise Architecture Report The Agile Enterprise Architecture Report covers our experience – Agile Enterprise Architecture is real, practical and valuable. We do it every day. Field reports bridge the theoretical concepts and […]
Download Agile Enterprise Architecture Case Study
Download the Agile Enterprise Architecture Case Study Download the Agile Enterprise Architecture Case Study to see an example developing an EA Capability and useful architecture at the same time. We cover all six use cases […]
How Does SABSA Stack-Up as an Architecture Framework?
When evaluating SABSA, we need to know what to look for. When evaluating enterprise architecture frameworks, look for the essential scaffolding.
What to look for in an Enterprise Architecture Framework
Tools and method are the core of an optimized enterprise architecture framework.
Tools can include:
- Analytic Models
- Viewpoint Library
- Reference Architectures
- Architecture Specifications
- Deliverables
Method will address:
- Architecture Development Method
- Transition to Implementation
- Implementation Governance
- Enterprise Architecture Work Management
When compared to all the things needed in an optimized framework, BIAN is a great set of reference architectures. However, for an architecture framework it has holes. This does not mean there are no BIAN framework uses cases. It means that an optimized framework needs more.
SABSA Framework |
|
| Tools | |
| Analytic Models | Limited
SABSA Lifecycle Model SABSA Business Attributes Profile SABSA Assurance Model |
| Viewpoint Library | The six fundamental questions and the perspectives provide the start of a solid ViewPoint Library
The SABSA model was built using the Zachman Framework |
| Reference Architecture | SABSA only includes one reference model - the SABSA Business Attributes Profile
the other models inside SABSA are a wonderful foundation for an organization specific reference models:
|
| Architecture Specifications | Missing
The Service Management Architecture does support definition of Security Controls and other Security Standards |
| Deliverables | Missing |
| Method | |
| Architecture Development Method | Lightweight.
SABSA certification training provides a traverse from the business strategy (Business View) to a logical security architecture (Designer's View) |
| Transition to Implementation | Lightweight.
The Service Management layer is implementation focused. However, SABSA is silent on concepts like Gaps and Work Packages. |
| Implementation Governance | Missing |
| Enterprise Architecture Work Management | Missing |
Enterprise Architecture Training and TOGAF Training
TOGAF Enterprise Architecture Training Course
Do you want training for TOGAF Certification? Demonstrate your knowledge of enterprise architecture with TOGAF Certification TOGAF® Enterprise Architecture Training Course Take a major step to be a better enterprise architect with TOGAF Standard, 10th […]
Business Architecture Training Course
Business Architecture Training Effective enterprise architecture relies on business architecture. The course gives students the skills and knowledge to develop business architecture in an enterprise architecture setting. Business architecture involves describing the structure of the […]
Avolution ABACUS Training Course
Avolution ABACUS Training Effective enterprise architecture relies on formal modeling and analysis. We provide Avolution ABACUS training from hand-on enterprise architects. Students gain skills and knowledge to create integrated enterprise and domain architectures in this […]
Enterprise Architect’s Kickstart
Enterprise Architect’s Kickstart We need to keep our skills current. More now than ever. Use the Enterprise Architecture Kickstart to improve your ability to deliver transformative enterprise architecture. This 90-day kick-start is how Conexiam Consulting […]
Effective Online Education
Effective Online Education Effective online education works. Students to access the best available instructor. Students control the pace of their learning. Instructors can share rich supplemental material without distracting from the primary topic. Effective distance […]
Custom Enterprise Architecture Training
Custom Enterprise Architecture Training Custom enterprise architecture training addresses the professional development your EA Team needs. Good enterprise architects use a broad set of skills, method, in addition to specialized domain knowledge to develop enterprise […]
Go Further with Best Practice Enterprise Architecture Process and Method
Best practice enterprise architecture from Conexiam Navigate
Using Scenario Analysis for Enterprise Architecture
Using Scenario Analysis for Enterprise Architecture A scenario is simply a plausible future. Scenario analysis looks at how we get to a plausible future and how different scenarios impact our current choices. Scenarios help leaders […]
Developing Enterprise Architecture Strategy
Developing Enterprise Architecture Strategy: Strategic Plan for Change Enterprise Architecture Strategy is action. Action your organization will take and the changes you will make to reach your strategic goals. Strategy development is all about choice. […]
Best Practices to Implement Enterprise Architecture Management Tools
Best Practices to Implement Enterprise Architecture Management Tools Enterprise Architecture Management Tools are designed to support the planning, design, analysis, and execution of enterprise architecture. They enable enterprise architects to examine the need for change […]
Standing-up a Modern Architecture Review Board
Standing-up a Modern Architecture Review Board Standing-up an modern architecture review board requires creating a dynamic governance process and establishing a top-level back-stop decision-making body. The objective is to establish effective architecture governance without bureaucracy. […]
Understanding Enterprise Architecture and Agile
Understanding Enterprise Architecture and Agile Both agile and enterprise architecture are designed to reduce risk. Agile software development excels at building something that we have never had before and do not know how to build. […]
Unlocking Your Business Potential: How to Create an Effective Capability Map
Unlocking Your Business Potential: How to Create an Effective Capability Map Are you struggling to identify the capabilities needed to take your business to the next level? Do you find it challenging to align resources […]
Making Smarter Choices: Why Your Business Needs Architectural Decisions
Making Smarter Choices: Why Your Business Needs Architectural Decisions Enterprises are constantly confronted with the challenge of making crucial decisions. Every day, decisions, including operational practices and technology selections, have a significant impact on a […]
Discover the Power of Enterprise Architecture Patterns
Discovering the Power of Enterprise Architecture Patterns: A Comprehensive Guide Every organization wants to improve. Streamline their operations. Enhance their enterprise agility. Align change with their strategies. Succeed at digital transformation. Enterprise Architecture, a discipline […]
Enterprise Architecture Work Management
Enterprise Architecture Work Management Enterprise Architecture Work Management is crucial to the day-to-day success of an Enterprise Architecture Team. Architects must deliver useful guidance before stakeholders make informed decisions. Enterprise architects need to translate the […]
Developing an Architecture View
Developing an Architecture View Enterprise architecture is an essential compass. It helps organizations navigate the complexities of technology, strategy, and operations. The core of enterprise architecture is a systematic approach. The objective is to ensure […]
TOGAF vs. SABSA - Put them together
The idea of TOGAF vs. SABSA is absurd. The two architecture frameworks work together smoothly. They work together by design. Your security architecture is part of your enterprise architecture. SABSA addresses developing part of the enterprise architecture.
Let's start with TOGAF. TOGAF is larger than SABSA because it covers all architecture domains. TOGAF is an end-to-end enterprise architecture framework that provides essential scaffolding and is short on detailed how-to instruction. Possible enterprise architecture use cases prevent TOGAF from detailed how-to.
SABSA covers one architecture domain. It is a specific method supporting enterprise security architecture. It provides a series of integrated models, methods, and processes. We can independently use these or as a holistic technique. SABSA is a domain architecture framework.
Instead of SABSA vs. TOGAF, think of TOGAF plus SABSA. Think enterprise architecture with world-class risk and security.
Thinking enterprise architecture plus world-class security architecture led the SABSA Institute and The Open Group to collaborate. First with the TOGAF and SABSA Integration Paper, then the TOGAF Series Guide on Integrating Risk and Security into TOGAF.
SABSA plus TOGAF allows enhancing your enterprise architecture with the best security architecture approach.
Leverage SABSA in Enterrise Architecture
SABSA vs. TOGAF - Using SABSA Business Attributes Profile
SABSA Business Attributes Profile is at the heart of the SABSA method. This ‘requirements engineering’ technique makes SABSA truly unique and provides the linkage between business requirements and technology / process design. If you take nothing else away, Business Attributes Profiling is the most powerful tool for creating translated, standardized and ‘normalized’ set of business requirements.
Like other excellent reference tools, the taxonomy provides a checklist of possibility. Instead of brainstorming from a blank piece of paper, start with a standard list. Spend your time on analysis. Decide whether to include an attribute. Once included, identify the metrics for performance targets.
SABSA vs. TOGAF - Using the SABSA Risk Model
SABSA explicitly ties threat and opportunity together in the SABSA Risk Model. Rather than limiting consideration of risk to minimizing potential threat, SABSA balances risk thinking. Everything we do creates opportunities and threats.
Embed SABSA's ‘risk thinking’ within an enterprise architecture team to be instinctive about the enterprise culture. Achieve balance between realizing opportunities for gains while minimizing losses. Apply an architecturally structured and comprehensive approach
SABSA vs. TOGAF - Using the SABSA Domain Model
Risk management is about balancing potential gains against potential loss. The SABSA Domain Model integrates and aligns risk silos. Test who realizes the benefit with who bears the cost. You holistically embed risk management into all levels and perspectives of enterprise.
Failing to ensure the cost and benefit decisions are made by an appropriate decision maker destroys risk management. Someone who only bears cost, always errs on the side of avoiding potential loss. Cost free benefit owners create massive potential downside for others.
Enterprise Architecture Capability Workshop
Enterprise Architecture Capability Workshop The Enterprise Architecture Capability Workshop starts with your enterprise architecture use case and develops an improvement roadmap for your EA Team. The Enterprise Architecture Capability Workshop results in a designed EA […]
Initiative Strategy Workshop
Initiative Strategy Workshop Initiative Strategy Workshops develop a strategy for an initiative. Used for new initiatives, and initiatives that have stumbled. Understand what actions are available to reach the outcome. Be able to articulate the […]
Stakeholder Engagement Workshop
Stakeholder Engagement Workshop Stakeholder Engagement Workshops start your architecture development on a firm footing. Understand your key stakeholders, their concerns, how to engage, and how to communicate. Get Help to Start Today Stakeholder Engagement Workshop […]
Scenario-Based Architecture Roadmap Workshop
Scenario-Based Architecture Roadmap Workshop Scenario-Based Architecture Roadmap Workshops develop candidate architecture roadmaps using scenario analysis. Scenario analysis tied together with architecture roadmaps are powerful tools when used early in architecture development. When you need to […]
Enterprise Architecture Governance Workshop
Enterprise Architecture Governance Workshop Enterprise Architecture Governance Workshops ensure your architecture project and implementation project have the architecture governance to succeed. You do not have time time to run failed improvement efforts. Enterprise Architecture Governance […]
Conclusion
TOGAF vs SABSA is a false choice. Both work together. SABSA is the world's leading security architecture framework. TOGAF is a modular enterprise architecture framework that is easily extensible to use domain best-practice.
The SABSA Institute and The Open Group Architecture Forum have been working to end the false choice. We develop better enterprise architecture with best practice security architecture.
