skip to main content

Vs Togaf |top|: Sabsa

Together, they form a .

| Phase of TOGAF ADM | How SABSA Adds Value | |--------------------|------------------------| | | SABSA contextual layer helps define security principles, risk appetite, and business drivers. | | Phase A (Architecture Vision) | SABSA conceptual layer translates business risks into security goals and success criteria. | | Phase B (Business Architecture) | SABSA’s business view ensures security requirements are captured as functional / non‑functional requirements. | | Phase C (Data / Application) | SABSA logical & physical layers define security controls (e.g., data classification, encryption, access control). | | Phase D (Technology) | SABSA component layer specifies security infrastructure (firewalls, IDS, IAM). | | Phase E–F (Opportunities & Migration) | SABSA operational layer feeds into security project roadmaps and transitional architectures. | | Phase G (Governance) | SABSA’s assurance and metrics support ongoing security compliance and audit. | Best practice : Use TOGAF ADM as the process engine and SABSA as the security design method embedded inside it. 4. When to Use Which? | Scenario | Recommended | |----------|--------------| | You need a complete enterprise architecture framework (business, data, app, tech, plus governance). | TOGAF | | You are designing or auditing a security architecture from scratch. | SABSA | | Your organization already uses TOGAF and needs to add rigorous security architecture. | SABSA + TOGAF (embed SABSA into ADM) | | You are a security architect in a non‑enterprise‑architecture mature org. | SABSA (lightweight) | | You need a common framework to align multiple teams (business, IT, security, operations). | TOGAF (with security cross‑cutting) | 5. Summary Table | Feature | SABSA | TOGAF | |---------|-------|-------| | Domain | Security architecture | Enterprise architecture (all domains) | | Lifecycle process | Not prescribed | Yes (ADM) | | Core artifact | 6‑layer security matrix | Architecture deliverables (e.g., Architecture Definition Document) | | Risk model | Built‑in (business‑driven) | Referenced (not built‑in) | | Certifications | SABSA Foundation / Practitioner / Master | TOGAF 9 / 10 (Level 1 & 2) | | Industry recognition | High in security architecture | Very high in general enterprise architecture | | Best used as | Security design framework | Overall architecture process framework | Final Takeaway SABSA tells you what a good security architecture looks like and why . TOGAF tells you how to build any architecture (including security) in a structured, repeatable way. Use TOGAF to run the architecture development lifecycle. Use SABSA inside TOGAF’s security‑related tasks to ensure the result is complete, traceable, and risk‑driven. sabsa vs togaf

Don't miss an update

Stay updated on the latest products and services anytime anywhere.

Go to screen top.
SVG Icons