Enterprise information security architecture is the practice of designing, constructing and maintaining information security strategies and policies in enterprise organisations. A subset of enterprise architecture, information security frameworks are often given their own dedicated resources in larger organisations and are therefore significantly more complex and robust than in small and medium sized enterprises.
Enterprise information security architecture is becoming a common practice within financial institutions around the globe. The primary purpose of creating an enterprise information security architecture is to ensure that business strategy and IT security are aligned.[1] Enterprise Security involves processes, strategies, and techniques for securing IT assets and information against risks and unauthorized access that may violate and affect the integrity and confidentiality of these systems. It also encompasses the processes, technology, and people involved in sustaining a secure environment for protecting digital assets.
Enterprise information security architecture topicsedit
Enterprise information security architecture was first formally positioned by Gartner in their whitepaper called “Incorporating Security into the Enterprise Architecture Process”.[2]
High-level security architecture frameworkedit
Huxham Security Framework
Whilst security architecture frameworks are often custom designed in enterprise organisations, several models are commonly used and adapted to the individual requirements of the organisation
^"21 principles of enterprise architecture for the financial sector". developer.ibm.com. Retrieved 2022-09-28.
^. www.gartner.com. Archived from the original on June 6, 2010. Retrieved 30 August 2015.
Further readingedit
Carbone, J. A. (2004). IT architecture toolkit. Enterprise computing series. Upper Saddle River, NJ, Prentice Hall PTR.
Cook, M. A. (1996). Building enterprise information architectures : reengineering information systems. Hewlett-Packard professional books. Upper Saddle River, NJ, Prentice Hall.
Fowler, M. (2003). Patterns of enterprise application architecture. The Addison-Wesley signature series. Boston, Addison-Wesley.
SABSA integration with TOGAF.
Groot, R., M. Smits and H. Kuipers (2005). "A Method to Redesign the IS Portfolios in Large Organisations", Proceedings of the 38th Annual Hawaii International Conference on System Sciences (HICSS'05). Track 8, p. 223a. IEEE.
Steven Spewak and S. C. Hill (1993). Enterprise architecture planning : developing a blueprint for data, applications, and technology. Boston, QED Pub. Group.
Woody, Aaron (2013). Enterprise Security: A Data-Centric Approach to Securing the Enterprise. Birmingham, UK. Packt Publishing Ltd.
October 31, 2023
enterprise, information, security, architecture, this, article, multiple, issues, please, help, improve, discuss, these, issues, talk, page, learn, when, remove, these, template, messages, topic, this, article, meet, wikipedia, general, notability, guideline, . This article has multiple issues Please help improve it or discuss these issues on the talk page Learn how and when to remove these template messages The topic of this article may not meet Wikipedia s general notability guideline Please help to demonstrate the notability of the topic by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention If notability cannot be shown the article is likely to be merged redirected or deleted Find sources Enterprise information security architecture news newspapers books scholar JSTOR April 2015 Learn how and when to remove this template message Some of this article s listed sources may not be reliable Please help this article by looking for better more reliable sources Unreliable citations may be challenged or deleted April 2015 Learn how and when to remove this template message This article needs additional citations for verification Please help improve this article by adding citations to reliable sources Unsourced material may be challenged and removed Find sources Enterprise information security architecture news newspapers books scholar JSTOR August 2015 Learn how and when to remove this template message Learn how and when to remove this template message Enterprise information security architecture is the practice of designing constructing and maintaining information security strategies and policies in enterprise organisations A subset of enterprise architecture information security frameworks are often given their own dedicated resources in larger organisations and are therefore significantly more complex and robust than in small and medium sized enterprises Contents 1 Overview 2 Enterprise information security architecture topics 3 High level security architecture framework 4 See also 5 References 6 Further readingOverview editEnterprise information security architecture is becoming a common practice within financial institutions around the globe The primary purpose of creating an enterprise information security architecture is to ensure that business strategy and IT security are aligned 1 Enterprise Security involves processes strategies and techniques for securing IT assets and information against risks and unauthorized access that may violate and affect the integrity and confidentiality of these systems It also encompasses the processes technology and people involved in sustaining a secure environment for protecting digital assets Enterprise information security architecture topics edit nbsp Enterprise information security architecture was first formally positioned by Gartner in their whitepaper called Incorporating Security into the Enterprise Architecture Process 2 High level security architecture framework edit nbsp Huxham Security FrameworkWhilst security architecture frameworks are often custom designed in enterprise organisations several models are commonly used and adapted to the individual requirements of the organisationCommonly used frameworks include SABSA framework and methodology The U S Department of Defense DoD Architecture Framework DoDAF Extended Enterprise Architecture Framework E2AF from the Institute For Enterprise Architecture Developments Federal Enterprise Architecture of the United States Government FEA The UK Ministry of Defence MOD Architecture Framework MODAF Service Oriented Modeling Framework SOMF The Open Group Architecture Framework TOGAF Zachman FrameworkSee also editEnterprise architecture Enterprise architecture planning Information security Information assuranceReferences edit 21 principles of enterprise architecture for the financial sector developer ibm com Retrieved 2022 09 28 Incorporating Security Into the Enterprise Architecture Process www gartner com Archived from the original on June 6 2010 Retrieved 30 August 2015 Further reading editCarbone J A 2004 IT architecture toolkit Enterprise computing series Upper Saddle River NJ Prentice Hall PTR Cook M A 1996 Building enterprise information architectures reengineering information systems Hewlett Packard professional books Upper Saddle River NJ Prentice Hall Fowler M 2003 Patterns of enterprise application architecture The Addison Wesley signature series Boston Addison Wesley SABSA integration with TOGAF Groot R M Smits and H Kuipers 2005 A Method to Redesign the IS Portfolios in Large Organisations Proceedings of the 38th Annual Hawaii International Conference on System Sciences HICSS 05 Track 8 p 223a IEEE Steven Spewak and S C Hill 1993 Enterprise architecture planning developing a blueprint for data applications and technology Boston QED Pub Group Woody Aaron 2013 Enterprise Security A Data Centric Approach to Securing the Enterprise Birmingham UK Packt Publishing Ltd Retrieved from https en wikipedia org w index php title Enterprise information security architecture amp oldid 1170786292, wikipedia, wiki, book, books, library,
