Sherwood Applied Business Security Architecture

SABSA (Sherwood Applied Business Security Architecture) is a framework and methodology for enterprise security architecture and service management. It was developed independently from the Zachman Framework, but has a similar structure. SABSA (Sherwood Applied Business Security Architecture) is a framework and methodology for enterprise security architecture and service management. It was developed independently from the Zachman Framework, but has a similar structure. SABSA is a model and a methodology for developing risk-driven enterprise information security architectures and for delivering security infrastructure solutions that support critical business initiatives. The primary characteristic of the SABSA model is that everything must be derived from an analysis of the business requirements for security, especially those in which security has an enabling function through which new business opportunities can be developed and exploited. The process analyzes the business requirements at the outset, and creates a chain of traceability through the strategy and concept, design, implementation, and ongoing ‘manage and measure’ phases of the lifecycle to ensure that the business mandate is preserved. Framework tools created from practical experience further support the whole methodology.