O'Reilly logo
  • michael howard thinks this is interesting:

A group developed the Sherwood Applied Business Security Architecture (SABSA), as shown in Table 1-3, which is similar to the Zachman Framework. It is a layered framework, with its first layer defining business requirements from a security perspective. Each layer of the framework decreases in abstraction and increases in detail so it builds upon the others and moves from policy to practical implementation of technology and solutions. The idea is to provide a chain of traceability through the contextual, conceptual, logical, physical, component, and operational levels.


Cover of CISSP All-in-One Exam Guide, Seventh Edition, 7th Edition


This is a "Top Down" approach to IT Security