SABSA Unique Selling Points (USPs)

The USPs of the SABSA approach include:

• Business Driven: All information security solutions, whether described by security strategies, security services, security mechanisms or security components, are derived entirely from a set of business requirements for protecting corporate information.
• Risk Driven: All information security solutions, whether technical or procedural in their nature, are designed according to the level of perceived business risk to which the enterprise is exposed with regard to its corporate information.
• Enterprise Wide: The security architecture developed using the SABSA approach takes into account the widest set of enterprise-wide business drivers and requirements, thus ensuring maximum flexibility, return on investment and future-proofing.
• Measured Return of Value: The SABSA Business Attributes Profiling technique is unique in its ability to provide a framework against which the performance of business security solutions can be measured and evaluated in terms of a 'return of value' proposition.
• Management Dashboards: The measurements of performance provided through the SABSA Business Attributes Profiling technique are readily available to be fed into management dashboards showing the performance of security measures against predetermined targets.
• Traceability: The SABSA approach ensures that there is full two-way traceability on key decisions: every technical feature of a solution can be related back to a business requirement and a business benefit - otherwise the technical feature would not be needed; conversely every business requirement can be shown to be fulfilled through the detailed design and implementation of procedural and technical solutions.
• Architectural Governance: The SABSA approach enables a blueprint to be created against which individual projects and business initiatives can be benchmarked for compliance with the enterprise-wide security architecture, and using a suitable governance framework (such as an Architecture Board that controls project budgets) this can be used to ensure that every project is compliant with the enterprise architecture.
• Managing Complexity: The SABSA approach provides a systematic, systems-engineering, top-down hierarchical decomposition method that allows huge complexity to be transformed into manageable simplicity, bringing many benefits of improved manageability in a large team environment and a complex organisation.
• Modularity: The SABSA approach enables the development of security architectures that have clear modularity and thus allows new technologies to be introduced as they emerge, without the need for massive redesign and rework of the infrastructure and applications into which these new technologies will be integrated.
• Balancing the Requirements: The SABSA approach specifically addresses all factors that have an effect on the perception of security solutions in the business user community, such as usability, flexibility, inter-operability, scalability, productivity and many more. This means that not only does the enterprise achieve 'security' appropriate to its business risks, it also avoids introducing new business risks caused by inappropriate security solutions that simply obstruct the need for daily business activity.