What is SABSA?
Sherwood Applied Business Security Architecture (SABSA) is a framework for developing risk-driven, business-focused security architectures. It aligns security initiatives with business requirements and risk management strategies.
SABSA provides a layered approach to architecture, covering contextual, conceptual, logical, physical, and component perspectives, ensuring that security is integrated throughout the organization.
What is SABSA used for?
SABSA is used to design and implement security architectures that support business objectives while managing risk. It helps organizations align Security Controls with Critical Business Assets (CBA) and processes.
Security architects use SABSA alongside frameworks such as TOGAF and NIST Cybersecurity Framework to build scalable, resilient, and business-aligned security programs.