Reply To: OCU ISSO Week 2 Lesson 05 Discussion
The first framework I chose is the John Zachman Framework, a two-dimensional scheme identifying levels of architecture and interest. The Zachman Framework is an enterprise architecture ontology that uses a schema for organizing architectural artifacts. The Zachman Framework considers and synergizes both the artifact targets and particular issues being addressed.
The John Zachman Framework was introduced in the 1980s by John Zachman. Zachman introduced six descriptive areas of focus. Data, function, network, people, time, and motivation were included. Zachman also proposed six perspectives, also known as players. They are planners, owners, designers, builders, subcontractors, and enterprises.
Zachman developed his framework because he believed that systems were bringing about complex data that needed to be mapped in a clearer classification and interfaces. John Zachman Framework creates a “blueprint” of IT components across an enterprise.
Reference GmbH, L. I. X. (n.d.). The Zachman Framework – a definitive guide. LeanIX. http://www.leanix.net/en/wiki/ea/zachman-framework?
The second framework is the SABSA or Sherwood Applied Business Security Architecture. The SABSA Framework focuses on a similar building block approach but is more related to the ESA concept. The SABSA focuses on contextual security architecture, conceptual security architecture, logical security architecture, physical security architecture, and component security architecture.
The SABSA Framework is used for developing risk-driven enterprise information security and information assurance architecture. SABSA also aids in delivering security infrastructure solutions that support critical business initiatives.
Key facts about SABSA are:
SABSA is Open standard, generic, and vendor-neutral.
SABSA is owned, governed, protected, and maintained by the SABSA Institute.
SABSAs framework is scalable and can be used by any industry or organization.
SABSA was designed for the development of security architectures and solutions.
SABSA integrates with TOGAF, ITIL, and COBIT, as well as other governance, compliance, and audit frameworks.
Reference What is SABSA?: Orbus Software. Orbus 2021 Website. (n.d.). https://www.orbussoftware.com/solutions/governance-risk-and-compliance/sabsa/what-is-sabsa.