Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
Enterprise information security architecture
open-in-new
<h2 id="overview">Overview</h2> <p>Enterprise information security architecture is becoming a common practice within <a href="/facts/Financial_institutions/MMdhY0g9">financial institutions</a> around the <a href="/facts/Globe/8Pqs2IuQ">globe</a>. The primary purpose of creating an enterprise information security architecture is to ensure that business strategy and IT security are aligned.<a class="footnote-ref" id="fnref:1" href="#fn:1"><sup>1</sup></a> </p> <h2 id="enterprise-information-security-architecture-topics">Enterprise information security architecture topics</h2> <p>Enterprise information security architecture was first formally positioned by <a href="/facts/Gartner/9hd9zakC">Gartner</a> in their <a href="/facts/Whitepaper/ntdvp1Kx">whitepaper</a> called “<i>Incorporating Security into the Enterprise Architecture Process</i>”.<a class="footnote-ref" id="fnref:2" href="#fn:2"><sup>2</sup></a> </p> <h2 id="high-level-security-architecture-framework">High-level security architecture framework</h2> <p>Whilst security architecture frameworks are often custom designed in enterprise organisations, several models are commonly used and adapted to the individual requirements of the organisation </p><p>Commonly used frameworks include: </p> <ul><li><a href="/facts/Sherwood_Applied_Business_Security_Architecture/3IDpeBWv">SABSA framework and methodology</a></li> <li><a href="/facts/DODAF/fjB2hV0z">The U.S. Department of Defense (DoD) Architecture Framework (DoDAF)</a></li> <li><a href="/facts/Extended_Enterprise_Architecture_Framework/FeL4HbUJ">Extended Enterprise Architecture Framework</a> (E2AF) from the <a href="/facts/Institute_For_Enterprise_Architecture_Developments/FeL4HbUJ">Institute For Enterprise Architecture Developments</a>.</li> <li><a href="/facts/Federal_Enterprise_Architecture/tc8880VW">Federal Enterprise Architecture</a> of the United States Government (FEA)</li> <li><a href="/facts/MODAF/6qgLKKzs">The UK Ministry of Defence (MOD) Architecture Framework (MODAF)</a></li> <li><a href="/facts/Service-Oriented_Modeling/dKBECNxo">Service-Oriented Modeling</a> Framework (SOMF)</li> <li><a href="/facts/TOGAF/G8qggAIa">The Open Group Architecture Framework (TOGAF)</a></li> <li><a href="/facts/Zachman_Framework/RN8tJcSM">Zachman Framework</a></li></ul> <h2 id="see-also">See also</h2> <ul><li><a href="/facts/Enterprise_architecture/7UNSuE0l">Enterprise architecture</a></li> <li><a href="/facts/Enterprise_architecture_planning/JSWwt7bM">Enterprise architecture planning</a></li> <li><a href="/facts/Information_security/horlrCln">Information security</a></li> <li><a href="/facts/Information_assurance/ogm8qTsT">Information assurance</a></li></ul> <h2 id="further-reading">Further reading</h2> <ul><li>Carbone, J. A. (2004). <i>IT architecture toolkit.</i> Enterprise computing series. Upper Saddle River, NJ, Prentice Hall PTR.</li> <li>Cook, M. A. (1996). <i>Building enterprise information architectures : reengineering information systems.</i> Hewlett-Packard professional books. Upper Saddle River, NJ, Prentice Hall.</li> <li>Fowler, M. (2003). <i>Patterns of enterprise application architecture.</i> The Addison-Wesley signature series. Boston, Addison-Wesley.</li> <li><a href="http://www.sabsa.org/sabsatogaf">SABSA integration with TOGAF</a>.</li> <li>Groot, R., M. Smits and H. Kuipers (2005). "<a href="http://doi.ieeecomputersociety.org/10.1109/HICSS.2005.25">A Method to Redesign the IS Portfolios in Large Organisations</a>", <i>Proceedings of the 38th Annual Hawaii International Conference on System Sciences</i> (HICSS'05). Track 8, p. 223a. <a href="/facts/IEEE/UddC4pUW">IEEE</a>.</li> <li><a href="/facts/Steven_Spewak/nEwwxWPb">Steven Spewak</a> and S. C. Hill (1993). <i>Enterprise architecture planning : developing a blueprint for data, applications, and technology.</i> Boston, QED Pub. Group.</li> <li>Woody, Aaron (2013). <a href="https://books.google.com/books?id=ZjteH8afY2kC">Enterprise Security: A Data-Centric Approach to Securing the Enterprise</a>. Birmingham, UK. Packt Publishing Ltd.</li></ul> <h2 id="references">References</h2> <ol> <li id="fn:1"><p>"21 principles of enterprise architecture for the financial sector". developer.ibm.com. Retrieved 2022-09-28. <a href="https://developer.ibm.com/articles/enterprise-architecture-financial-sector/" target="_blank">https://developer.ibm.com/articles/enterprise-architecture-financial-sector/</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></p></li> <li id="fn:2"><p>"Incorporating Security Into the Enterprise Architecture Process". www.gartner.com. Archived from the original on June 6, 2010. Retrieved 30 August 2015. <a href="https://web.archive.org/web/20100606014912/http://www.gartner.com/DisplayDocument?ref=g_search&id=488575" target="_blank">https://web.archive.org/web/20100606014912/http://www.gartner.com/DisplayDocument?ref=g_search&id=488575</a> <a href="#fnref:2" class="footnote-back-ref">↩</a></p></li> </ol>