Home SABSA Matrices

SABSA matrices

For detailed analysis of each of the six layers, the SABSA matrix also uses the same six questions that are used in the Zachman Framework and which were so eloquently articulated by Rudyard Kipling in his poem ‘I Keep Six Honest Serving Men’: What, Why and When, How, Where and Who?  For each horizontal layer there is a vertical analysis as follows:

What are you trying to do at this layer? – The assets to be protected by your security architecture.

Why are you doing it? – The motivation for wanting to apply security, expressed in the terms of this layer.

How are you trying to do it? – The functions needed to achieve security at this layer.

Who is involved? – The people and organisational aspects of security at this layer.

Where are you doing it? – The locations where you apply your security, relevant to this layer.

When are you doing it? – The time-related aspects of security relevant to this layer.

These six vertical architectural elements are now summarised for all six horizontal layers.  This gives a 6 x 6 matrix of cells, which represents the whole model for the enterprise security architecture.  It is called the SABSA matrix (see below).  If you can address the issues raised by each and every one of these cells, then you will have covered the entire range of questions to be answered, and you can have a high level of confidence that your security architecture is complete.

SABSA-6x6 matrix
(Click for bigger view)

SABSA framework for security service management

The area of security service management, administration and operations is addressed through the SABSA operational architecture layer.  This layer of the framework is applied vertically across all of the other five providing enormous flexibility to ensure seamless and holistic integration with the standards & operational frameworks of your choice.  SABSA not only ensures Information Security compliance with frameworks such as ITIL, BS15000 / AS8018, ISO 17799, and CobIT, but where these state what needs to be done SABSA delivers the invaluable roadmap to determine how it should be done in your business context.

SABSA-6x5 matrix
(Click for bigger view)

top