T0082: Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle. 0000552677 00000 n 0000491641 00000 n 0000599775 00000 n 0000472197 00000 n 0000077359 00000 n 0000227517 00000 n 0000105745 00000 n 0000334513 00000 n 0000327918 00000 n 0000087817 00000 n 0000467386 00000 n 0000110547 00000 n 0000482941 00000 n 0000107108 00000 n 0000105087 00000 n 0000648768 00000 n 0000538659 00000 n 0000407757 00000 n 0000111816 00000 n 0000099896 00000 n 0000647083 00000 n 0000225013 00000 n 0000641357 00000 n 0000296033 00000 n 0000092626 00000 n 0000394319 00000 n 0000379208 00000 n 0000083878 00000 n 0000219837 00000 n 0000566929 00000 n 0000110688 00000 n 0000085820 00000 n 0000091545 00000 n 0000589100 00000 n 0000076888 00000 n 0000664236 00000 n 0000151564 00000 n 0000347442 00000 n 0000494600 00000 n 0000523046 00000 n 0000650596 00000 n 0000192655 00000 n 0000105369 00000 n 0000085582 00000 n 0000385216 00000 n 0000089660 00000 n 0000080925 00000 n The type of security technology that is used depends on how the enterprise security architecture is designed, implemented, and supported via corporate security standards. 0000095679 00000 n 0000088715 00000 n cal Security Controls list, meanwhile, provides an even bigger information security boost.7 Indeed, the U.S. State Department reported that implementing those 20 controls reduced its cybersecurity risks by 94%. 0000365008 00000 n 0000109372 00000 n 0000108761 00000 n 0000536216 00000 n 0000156026 00000 n 0000631518 00000 n 0000134216 00000 n 0000099608 00000 n 0000386315 00000 n 0000085535 00000 n 0000662542 00000 n 0000107580 00000 n 0000590604 00000 n 0000522749 00000 n 0000092062 00000 n 0000105980 00000 n 0000170883 00000 n 0000579805 00000 n 0000615509 00000 n 0000100560 00000 n 0000101366 00000 n 0000651301 00000 n 0000633482 00000 n 0000180847 00000 n 0000659172 00000 n 0000092946 00000 n 0000104758 00000 n 0000128148 00000 n 0000165437 00000 n 0000339481 00000 n 0000451865 00000 n 0000573065 00000 n 0000080688 00000 n 0000111205 00000 n In addition to the technical challenge, information security is also a management and social problem. 0000496765 00000 n 0000340693 00000 n 0000102923 00000 n 0000620456 00000 n 0000089613 00000 n 0000084301 00000 n 0000527745 00000 n 0000292137 00000 n 0000236600 00000 n The purpose of this security plan is to provide an overview of the security of the [System Name] and describe the controls and critical elements in place or planned for, based on NIST Special Publication (SP) 800-53 Rev. 0000216999 00000 n 0000077642 00000 n 0000320458 00000 n 0000424881 00000 n 0000110594 00000 n SABSA is a business-driven security framework for enterprises that is based on risk and opportunities associated with it. 0000089047 00000 n To create a consistent cybersecurity architecture, consider off-the-shelf solutions built using open standards such as the TCG frameworks. 0000507951 00000 n 0000097619 00000 n 0000160242 00000 n 0000244286 00000 n 0000343463 00000 n 0000562042 00000 n 0000101742 00000 n 0000110312 00000 n 0000644733 00000 n 0000136619 00000 n Effective and efficient security architectures consist of three components. 0000488703 00000 n 0000402556 00000 n 0000235639 00000 n 0000368719 00000 n Information Architecture: Aka as Data Architecture: 5.3: Application Architecture: A.k.a. 0000199248 00000 n 0000090652 00000 n 0000557426 00000 n 0000090228 00000 n 0000699162 00000 n 0000346935 00000 n 0000085915 00000 n 0000299984 00000 n 0000246861 00000 n 0000660136 00000 n 0000100466 00000 n 0000100750 00000 n 0000380170 00000 n 0000197973 00000 n 0000439942 00000 n 0000294117 00000 n 0000106403 00000 n 0000569647 00000 n 0000509992 00000 n 0000364643 00000 n 0000104476 00000 n 0000108383 00000 n 0000200738 00000 n 0000633099 00000 n 0000602492 00000 n 0000603305 00000 n 0000169235 00000 n 0000085251 00000 n Architects performing Security Architecture work must be capable of defining detailed technical requirements for security… 0000326523 00000 n 0000099464 00000 n 0000481099 00000 n 0000099178 00000 n 0000420264 00000 n 0000201895 00000 n 0000107155 00000 n 0000097193 00000 n 0000093701 00000 n 0000460219 00000 n 0000578407 00000 n 0000384509 00000 n 0000508517 00000 n 0000109795 00000 n 0000083451 00000 n Security Architecture. 0000656159 00000 n 0000667516 00000 n 0000216693 00000 n 0000110453 00000 n 0000149546 00000 n 0000334908 00000 n 0000085868 00000 n 0000095867 00000 n 0000649786 00000 n 0000307569 00000 n 0000555159 00000 n 0000109184 00000 n 0000492338 00000 n 0000594588 00000 n 0000599395 00000 n 0000161778 00000 n 0000109325 00000 n 0000077406 00000 n 0000094974 00000 n 0000217364 00000 n 0000315517 00000 n 0000088621 00000 n 0000214150 00000 n 0000676762 00000 n 0000206793 00000 n 0000092720 00000 n 0000246209 00000 n 0000454622 00000 n 0000144428 00000 n 0000089377 00000 n 0000106356 00000 n 0000490202 00000 n 0000212853 00000 n 0000594205 00000 n 0000591376 00000 n 0000097901 00000 n 0000302210 00000 n 0000429940 00000 n 0000099273 00000 n 0000331732 00000 n 0000330045 00000 n 0000104570 00000 n 0000193029 00000 n 0000433124 00000 n 0000386615 00000 n 0000467096 00000 n 0000321768 00000 n 0000079262 00000 n 0000613038 00000 n 0000094409 00000 n 0000369028 00000 n 0000129429 00000 n 0000351836 00000 n 0000126507 00000 n 0000577747 00000 n 0000241623 00000 n 0000487689 00000 n 0000320754 00000 n 0000135910 00000 n 0000204500 00000 n 0000354226 00000 n 0000101036 00000 n 0000666141 00000 n 0000098752 00000 n 0000478073 00000 n 0000368009 00000 n 0000195851 00000 n Once a robust EISA is fully integrated, companies can capitalize on new techno… 0000086868 00000 n 0000583806 00000 n 0000111487 00000 n 0000417354 00000 n 0000299538 00000 n 0000080546 00000 n 0000512322 00000 n 0000087864 00000 n 0000617977 00000 n 0000243312 00000 n 0000095961 00000 n 0000094268 00000 n 0000171907 00000 n 0000447591 00000 n 0000096294 00000 n 0000519056 00000 n 0000127865 00000 n 0000521083 00000 n 0000324196 00000 n 0000430563 00000 n 0000487297 00000 n 0000100942 00000 n 0000568384 00000 n 0000374962 00000 n 0000576320 00000 n 0000359413 00000 n 0000227948 00000 n 0000501272 00000 n 0000091498 00000 n 0000091639 00000 n 0000490914 00000 n 0000664613 00000 n 0000453621 00000 n 0000206464 00000 n 0000636067 00000 n 0000666448 00000 n 0000596850 00000 n 0000668861 00000 n 0000550080 00000 n 0000099848 00000 n 0000076794 00000 n 0000560396 00000 n 0000079071 00000 n 0000079167 00000 n startxref Its fundamental purpose is to protect the value of the systems and information assets of the enterprise. 0000103064 00000 n 0000537974 00000 n 0000451226 00000 n 0000255814 00000 n In general, security architecture is a topic that is widely misunderstood. 0000444511 00000 n 0000101083 00000 n 0000324971 00000 n 0000345058 00000 n 0000140288 00000 n 0000103863 00000 n 0000468443 00000 n 0000096008 00000 n 0000246502 00000 n 0000284260 00000 n The purpose of the review is to seek approval to move forward to the Concept Phase of the Expedited Life Cycle (XLC). 0000109419 00000 n 0000318155 00000 n 0000618243 00000 n 0000089944 00000 n 0000461052 00000 n 0000084066 00000 n 0000100038 00000 n 0000106027 00000 n 0000092109 00000 n 0000078544 00000 n 0000568139 00000 n 0000436141 00000 n 0000616720 00000 n 0000178226 00000 n 0000106497 00000 n 0000585947 00000 n 0000112855 00000 n 0000097807 00000 n 0000099512 00000 n 0000340247 00000 n 0000136311 00000 n 0000452499 00000 n 0000101836 00000 n 0000087294 00000 n 0000573760 00000 n 0000341020 00000 n 0000620751 00000 n 0000351196 00000 n 0000051892 00000 n 0000127217 00000 n 0000369931 00000 n 0000465287 00000 n 0000164105 00000 n 0000077785 00000 n 0000310486 00000 n Here's a broad look at the policies, principles, and people used to protect data. 0000100086 00000 n 0000286702 00000 n 0000423932 00000 n 0000556163 00000 n 0000440846 00000 n 0000112051 00000 n 0000192055 00000 n 0000632137 00000 n 0000547199 00000 n 0000225327 00000 n 0000130723 00000 n 0000458483 00000 n 0000387576 00000 n 0000132888 00000 n 0000157779 00000 n 0000450303 00000 n 0000159056 00000 n Information Sharing Group. 0000325734 00000 n 0000178890 00000 n 0000198856 00000 n 0000102547 00000 n 0000096151 00000 n 0000099368 00000 n 0000108620 00000 n 0000673816 00000 n 0000329744 00000 n 0000373770 00000 n 0000495891 00000 n 0000110077 00000 n 0000097666 00000 n 0000300970 00000 n 0000321449 00000 n 0000095444 00000 n 0000309824 00000 n 0000312848 00000 n 0000410752 00000 n 0000097051 00000 n 0000102451 00000 n 0000096341 00000 n 0000393662 00000 n 0000158083 00000 n 0000318455 00000 n 0000102165 00000 n 0000355386 00000 n 0000210880 00000 n 0000614658 00000 n 0000577506 00000 n 0000165799 00000 n 0000112778 00000 n 0000087627 00000 n It is intended to capture and convey the significant architectural decisions which have been made on the system. 0000089850 00000 n 0000625643 00000 n 0000509427 00000 n 0000518756 00000 n 0000180574 00000 n 0000107627 00000 n 0000432181 00000 n 0000526257 00000 n 0000660474 00000 n 0000088055 00000 n 0000363133 00000 n 0000241273 00000 n 0000199867 00000 n 0000172885 00000 n 0000475371 00000 n 0000341779 00000 n 0000387906 00000 n 0000635007 00000 n 0000607316 00000 n 0000111064 00000 n 0000348728 00000 n The DOE IT Security Architecture effort has been organized within this document based upon the OMB Security and Privacy Profile v2.0. 0000083355 00000 n 0000533797 00000 n 0000405261 00000 n 0000094079 00000 n 0000085630 00000 n 0000677441 00000 n 0000108431 00000 n 0000086394 00000 n 0000191361 00000 n 0000238968 00000 n 0000419654 00000 n 0000643786 00000 n 0000481920 00000 n 0000353287 00000 n 0000494464 00000 n These topics provide starting-point guidance for enterprise resource planning. 0000551796 00000 n 0000242310 00000 n 0000395203 00000 n 0000085773 00000 n 0000129142 00000 n 0000110171 00000 n 0000086202 00000 n 0000225752 00000 n 0000154932 00000 n 0000418989 00000 n 0000223867 00000 n 0000107298 00000 n 0000606514 00000 n 0000446690 00000 n 0000098183 00000 n For information about this architecture, read this doc.” Now, if you go back and read what’s in … 0000160634 00000 n 0000094692 00000 n Go ahead and stick something into the ReadMe. 0000100133 00000 n 0000107392 00000 n 0000000016 00000 n 0000079882 00000 n 0000548194 00000 n 0000362826 00000 n 0000392560 00000 n 0000172208 00000 n 0000080452 00000 n 0000101601 00000 n 0000179590 00000 n 0000187199 00000 n 0000082165 00000 n 0000574056 00000 n 0000158406 00000 n 0000636696 00000 n 0000263581 00000 n 0000427732 00000 n 0000505159 00000 n 0000437789 00000 n 0000474331 00000 n 0000657740 00000 n 0000105698 00000 n 0000101977 00000 n 0000093371 00000 n 0000096909 00000 n 0000185708 00000 n 0000137149 00000 n 0000402909 00000 n 0000107956 00000 n "ISO/IEC 27001:2005 covers all types of organizations (e.g. Organizations find this architecture useful because it covers capabilities ac… 0000097098 00000 n 0000109090 00000 n 0000486989 00000 n 0000525110 00000 n 0000247786 00000 n 0000081453 00000 n 0000617681 00000 n 0000387712 00000 n 0000082071 00000 n 0000590864 00000 n 0000093229 00000 n 0000109231 00000 n 0000367317 00000 n 0000422396 00000 n 0000626516 00000 n 0000198579 00000 n 0000238328 00000 n 0000670491 00000 n 0000224283 00000 n 0000457534 00000 n 0000317480 00000 n 0000147129 00000 n 0000095397 00000 n 0000381270 00000 n 0000623666 00000 n 0000193330 00000 n 0000562717 00000 n 0000126816 00000 n 0000264798 00000 n 0000093607 00000 n ... Information Security Group. 0000166462 00000 n 0000372795 00000 n 0000530015 00000 n 0000347952 00000 n 0000610561 00000 n 0000084537 00000 n 0000108287 00000 n 0000416698 00000 n 0000374361 00000 n 0000609619 00000 n 1. 0000452873 00000 n 0000117894 00000 n 0000107014 00000 n 0000607666 00000 n 0000335217 00000 n 0000541809 00000 n 0000401339 00000 n 0000613898 00000 n 0000145388 00000 n 0000078023 00000 n 0000102307 00000 n 0000503497 00000 n 0000203670 00000 n 0000089991 00000 n 0000077880 00000 n 0000573380 00000 n 0000094174 00000 n 0000376066 00000 n 0000418022 00000 n 0000129788 00000 n 0000657102 00000 n 0000132550 00000 n 0000086630 00000 n 0000208119 00000 n 0000448368 00000 n 0000530643 00000 n This reference architecture is created to ease the process to create security and privacy solutions. 0000181731 00000 n To align these components effectively, the security architecture needs to be driven by policy stating management's performance expectations, how the architecture is to be implemented, and how the architecture will be enforced. 0000078639 00000 n 0000323095 00000 n 0000226462 00000 n 0000096720 00000 n 0000096578 00000 n 0000081500 00000 n 0000284580 00000 n 0000402214 00000 n 0000553111 00000 n 0000478421 00000 n 0000524090 00000 n 0000084632 00000 n 0000455545 00000 n 0000289935 00000 n 0000662150 00000 n 0000308216 00000 n 0000542140 00000 n 0000111534 00000 n 0000565956 00000 n 0000449418 00000 n 0000077548 00000 n 0000191086 00000 n 0000078735 00000 n 0000315819 00000 n 0000589596 00000 n This series of topics illustrates several architecture approaches for mergers, acquisitions, divestitures, and other scenarios that might lead you to migrate to a new cloud tenant. 0000341454 00000 n 0000361837 00000 n 0000645374 00000 n 0000187677 00000 n 0000501918 00000 n 0000463177 00000 n 0000106262 00000 n 0000293826 00000 n Starting template for a security architecture – The most common use case we see is that organizations use the document to help define a target state for cybersecurity capabilities. 0000322661 00000 n 0000528039 00000 n 0000366919 00000 n 0000570547 00000 n 0000152615 00000 n 0000321904 00000 n 0000408738 00000 n Introduction 1.1 Purpose. 0000373097 00000 n 0000090038 00000 n 0000083547 00000 n 0000146177 00000 n 0000482321 00000 n 0000093890 00000 n 0000111628 00000 n 0000105792 00000 n 0000542276 00000 n Azure security documentation Security is integrated into every aspect of Azure. 0000152444 00000 n 0000079453 00000 n 0000088905 00000 n 0000095115 00000 n 0000420859 00000 n 0000152308 00000 n 0000092767 00000 n 0000102403 00000 n 0000326813 00000 n 0000193907 00000 n 0000081738 00000 n 0000096673 00000 n 0000410399 00000 n 0000109137 00000 n 0000348474 00000 n 0000565714 00000 n 0000106121 00000 n 0000331993 00000 n 0000397614 00000 n 0000175271 00000 n 0000571622 00000 n 0000103628 00000 n 0000106685 00000 n 0000317775 00000 n 0000104852 00000 n 0000082024 00000 n 0000667812 00000 n 0000111440 00000 n 0000575459 00000 n 0000585273 00000 n 0000146467 00000 n 0000105463 00000 n 0000222420 00000 n 0000103910 00000 n 0000498908 00000 n 0000441216 00000 n 0000539635 00000 n 0000101554 00000 n 0000207290 00000 n 0000551021 00000 n 0000338430 00000 n 0000572646 00000 n 0000586616 00000 n 0000468011 00000 n 0000605415 00000 n 0000217656 00000 n 0000416995 00000 n 0000606780 00000 n 0000091216 00000 n 0000537600 00000 n 0000378325 00000 n 0000558645 00000 n 0000313534 00000 n 0000543976 00000 n The policies set out the statewide information security standards required by N.C.G.S. 0000697932 00000 n 0000462621 00000 n 0000110406 00000 n 0000144739 00000 n 0000105839 00000 n 0000649412 00000 n 0000102499 00000 n 0000596560 00000 n 0000350879 00000 n 0000366103 00000 n 0000087675 00000 n 0000544901 00000 n 0000156718 00000 n 0000644080 00000 n 0000149160 00000 n 0000307201 00000 n 0000092297 00000 n 0000110641 00000 n 0000670844 00000 n 0000475778 00000 n 0000109466 00000 n 0000676358 00000 n 0000082213 00000 n 0000161334 00000 n 0000546367 00000 n 0000578649 00000 n 0000634707 00000 n 0000464345 00000 n 0000344501 00000 n 0000210075 00000 n 0000221735 00000 n 0000090934 00000 n 0000095491 00000 n 0000392258 00000 n 0000099037 00000 n 0000126100 00000 n 0000081548 00000 n 0000618560 00000 n 0000098136 00000 n 0000496196 00000 n 0000672187 00000 n 0000432829 00000 n 0000160945 00000 n 0000352798 00000 n 0000583123 00000 n 0000580550 00000 n � � a 0000306910 00000 n 0000130077 00000 n 0000472912 00000 n 0000078497 00000 n 0000678750 00000 n 0000108667 00000 n 0000086821 00000 n 0000647718 00000 n 0000298556 00000 n 0000498320 00000 n 0000592395 00000 n 0000140911 00000 n 0000353575 00000 n 0000093276 00000 n 0000544570 00000 n 0000088857 00000 n 0000091451 00000 n 0000343002 00000 n 0000076747 00000 n 0000082261 00000 n It generally includes a catalog of conventional controls in addition to relationship diagrams, principles, and so on. 0000436434 00000 n 0000082832 00000 n 0000621695 00000 n 0000595572 00000 n 0000381572 00000 n 0000128504 00000 n 0000588484 00000 n 0000248843 00000 n 0000375802 00000 n 0000607955 00000 n 0000102735 00000 n 0000615222 00000 n OMB M-19-26 tasks the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) with modernizing the TIC initiative to help accelerate the adoption of cloud, mobile, and other emerging technologies. 0000544112 00000 n ITIL security management describes the structured fitting of security into an organization.ITIL security management is based on the ISO 27001 standard. 0000105040 00000 n 0000601941 00000 n 0000099800 00000 n 0000423636 00000 n 0000648446 00000 n 0000582055 00000 n 0000186651 00000 n 0000382968 00000 n 0000085157 00000 n 0000429047 00000 n 0000093654 00000 n 0000417651 00000 n 0000204165 00000 n 0000293168 00000 n 0000106826 00000 n 0000484057 00000 n 0000212558 00000 n 0000476503 00000 n 0000329117 00000 n 0000087580 00000 n 0000409969 00000 n 0000236302 00000 n 0000084490 00000 n 0000107439 00000 n 0000335770 00000 n 0000106309 00000 n 0000375509 00000 n 0000090793 00000 n 0000095914 00000 n 0000614338 00000 n 0000121743 00000 n 0000393318 00000 n 0000169896 00000 n 0000328181 00000 n 0000100846 00000 n 0000089236 00000 n 0000452209 00000 n 0000331089 00000 n 0000080877 00000 n 0000376912 00000 n 0000571218 00000 n 0000236995 00000 n 0000103534 00000 n 0000480015 00000 n 0000095632 00000 n 0000564828 00000 n 0000362160 00000 n 0000356030 00000 n 0000332412 00000 n 0000089471 00000 n Technology Architecture or Technical Architecture: 6. 0000200144 00000 n 0000371733 00000 n 0000653664 00000 n 0000471790 00000 n 0000412085 00000 n 0000097430 00000 n 0000470199 00000 n 0000093985 00000 n 0000079549 00000 n 0000394613 00000 n 0000439337 00000 n 0000630314 00000 n 0000698770 00000 n 0000212196 00000 n Enterprise strategic planning 2. 0000542867 00000 n 0000659836 00000 n 0000091028 00000 n 0000510354 00000 n 0000083023 00000 n 0000499285 00000 n 0000533091 00000 n 0000530356 00000 n 0000604086 00000 n 0000594889 00000 n 0000295121 00000 n 0000089566 00000 n 0000426554 00000 n 0000377463 00000 n 0000085487 00000 n 0000138970 00000 n 0000087153 00000 n 0000329379 00000 n organisations are turning to security architecture. 0000084348 00000 n 0000519767 00000 n 0000079310 00000 n 0000545386 00000 n Purpose of this document is to establish a template for security architecture. 0000500880 00000 n 0000588813 00000 n 0000102594 00000 n 0000429313 00000 n 0000425176 00000 n 0000431526 00000 n 0000080310 00000 n 0000629443 00000 n 0000297360 00000 n 0000401684 00000 n 0000107815 00000 n 0000444253 00000 n 0000255058 00000 n Software Architecture Document. 0000095068 00000 n 0000089707 00000 n 0000089897 00000 n 0000304388 00000 n 0000333284 00000 n 0000506567 00000 n 0000470881 00000 n 0000597182 00000 n 0000529086 00000 n 0000090746 00000 n 0000095773 00000 n 0000188005 00000 n 0000075506 00000 n 0000115683 00000 n 0000421182 00000 n 0000515696 00000 n 0000658786 00000 n 0000658024 00000 n 0000098515 00000 n 0000598486 00000 n 0000135603 00000 n 0000511313 00000 n 0000103299 00000 n 0000079834 00000 n 0000336135 00000 n 0000078213 00000 n 0000089424 00000 n 0000337472 00000 n 0000358544 00000 n 0000698068 00000 n 0000498010 00000 n 0000080783 00000 n 0000471502 00000 n 0000108335 00000 n 0000612232 00000 n 0000216035 00000 n 0000096814 00000 n 0000080973 00000 n 0000630874 00000 n This document is a template for the Architecture Review (AR). 0000111910 00000 n 0000310189 00000 n 0000221040 00000 n 0000142195 00000 n 0000555403 00000 n 0000380574 00000 n 0000470507 00000 n 0000523417 00000 n 0000608967 00000 n 0000511663 00000 n 0000552068 00000 n 0000598139 00000 n 0000080404 00000 n 0000190471 00000 n 0000106779 00000 n 0000338132 00000 n 0000294464 00000 n 0000168550 00000 n 0000091169 00000 n 0000483921 00000 n 0000369515 00000 n 0000110218 00000 n 0000093135 00000 n 0000220316 00000 n 0000082641 00000 n 0000596213 00000 n 0000409277 00000 n 0000576679 00000 n 0000094503 00000 n 0000102259 00000 n 0000087770 00000 n 0000084443 00000 n 0000601385 00000 n 0000094927 00000 n 0000084584 00000 n 0000139279 00000 n 0000077738 00000 n 0000413017 00000 n 0000554201 00000 n 0000102688 00000 n 0000399833 00000 n 0000550885 00000 n 0000646048 00000 n 0000107721 00000 n 0000461655 00000 n 0000656482 00000 n 0000084207 00000 n 0000185091 00000 n 0000655281 00000 n 0000112286 00000 n 0000469150 00000 n 0000098230 00000 n 0000370619 00000 n 0000094362 00000 n 0000634342 00000 n 0000078118 00000 n 0000363643 00000 n 0000239255 00000 n 0000563751 00000 n 0000110876 00000 n 0000509135 00000 n 0000091592 00000 n 0000352498 00000 n 0000605948 00000 n 0000345325 00000 n 0000234985 00000 n 0000461311 00000 n 0000591119 00000 n 0000200461 00000 n 0000467649 00000 n 0000679139 00000 n 0000314484 00000 n 0000531491 00000 n 0000078879 00000 n 0000103252 00000 n 0000077928 00000 n 0000087200 00000 n 0000082499 00000 n 0000097948 00000 n 0000560712 00000 n 0000109983 00000 n 0000083261 00000 n 0000642232 00000 n 0000103957 00000 n 0000185432 00000 n 0000436811 00000 n 0000570252 00000 n 0000079023 00000 n 0000170583 00000 n 0000475060 00000 n <]>> 0000668186 00000 n 0000405739 00000 n 0000100703 00000 n 0000148185 00000 n 0000459680 00000 n 0000101930 00000 n 0000344768 00000 n 0000422693 00000 n 0000094551 00000 n 0000101789 00000 n 0000586318 00000 n This document is the root template for security and risk management. 0000356330 00000 n 0000589853 00000 n 0000426119 00000 n 0000358227 00000 n 0000162291 00000 n 0000300674 00000 n 0000566433 00000 n 0000101413 00000 n 0000110923 00000 n 0000564072 00000 n 0000361563 00000 n 0000591623 00000 n 0000162725 00000 n 0000391742 00000 n 0000201263 00000 n 0000551473 00000 n 0000514233 00000 n 0000087389 00000 n 0000237306 00000 n 0000080072 00000 n 0000130433 00000 n 0000080168 00000 n 0000108808 00000 n 0000286219 00000 n 0000123429 00000 n 0000525529 00000 n Core Guidance Documents. 0000302967 00000 n 0000245862 00000 n 0000356953 00000 n 0000145827 00000 n 0000105557 00000 n 0000512982 00000 n 0000431813 00000 n 0000090463 00000 n 0000088573 00000 n 0000547937 00000 n 0000111581 00000 n 0000418692 00000 n 0000107533 00000 n 0000623848 00000 n 0000614957 00000 n 0000094880 00000 n 0000081165 00000 n 0000099704 00000 n 0000654020 00000 n 0000079930 00000 n 0 0000656761 00000 n 0000104993 00000 n 0000638452 00000 n 0000463521 00000 n 0000084967 00000 n 0000153031 00000 n 0000604355 00000 n 0000651607 00000 n 0000476814 00000 n 0000663239 00000 n 0000674169 00000 n 0000288949 00000 n 0000110030 00000 n 0000576008 00000 n When it comes to keeping information assets secure, organizations can rely on the ISO/IEC 27000 family. Security is called out separately because it is infrastructure that is rarely visible to the business function. 0000630012 00000 n 0000615773 00000 n 0000154326 00000 n 0000105322 00000 n 0000563034 00000 n 0000662844 00000 n 0000248295 00000 n 0000098420 00000 n 0000568761 00000 n 0000173259 00000 n 0000503883 00000 n 0000108714 00000 n 0000557689 00000 n 0000495311 00000 n 0000654320 00000 n 0000109936 00000 n 0000286997 00000 n 0000076982 00000 n 0000089283 00000 n 0000077833 00000 n 0000552541 00000 n 0000324645 00000 n 0000317115 00000 n 0000611218 00000 n 0000301617 00000 n 0000099656 00000 n 0000419360 00000 n 0000408442 00000 n 0000504773 00000 n 0000097572 00000 n 0000639026 00000 n 0000502918 00000 n 0000536617 00000 n 0000311461 00000 n 0000091921 00000 n 0000128792 00000 n 0000645745 00000 n Figure 2illustrates an example of how service capabilities and supporting technologies in COBIT can be used t… 228 0 obj <> endobj 0000150850 00000 n 0000085678 00000 n 0000609257 00000 n 0000516702 00000 n 0000360005 00000 n 0000397008 00000 n 0000287350 00000 n 0000473221 00000 n 0000104899 00000 n 0000639297 00000 n 0000305094 00000 n 0000097004 00000 n 0000189772 00000 n 0000455177 00000 n 0000106168 00000 n 0000108479 00000 n 0000086678 00000 n 0000601081 00000 n 0000350580 00000 n 0000108949 00000 n 0000665607 00000 n 0000578891 00000 n 0000587283 00000 n 0000648015 00000 n 0000084823 00000 n 0000584647 00000 n 0000082594 00000 n 0000313829 00000 n 0000095820 00000 n 0000107251 00000 n 0000102355 00000 n 0000137862 00000 n 0000300306 00000 n 0000667154 00000 n 0000640433 00000 n 0000566672 00000 n 0000506172 00000 n 0000077690 00000 n 0000077076 00000 n 0000098704 00000 n 0000291506 00000 n 0000105181 00000 n 0000139614 00000 n 0000570921 00000 n 0000546675 00000 n 0000199550 00000 n 0000133534 00000 n This document provides a comprehensive architectural overview of the system, using a number of different architectural views to depict different aspects of the system. 0000611873 00000 n 0000351474 00000 n 0000495622 00000 n 0000087010 00000 n 0000297867 00000 n 0000142823 00000 n 0000454329 00000 n 0000105228 00000 n 0000083736 00000 n 0000145691 00000 n 0000376619 00000 n Optimizing the EISA is done through its alignment with the underlying business strategy. 0000650897 00000 n 0000096104 00000 n 0000100371 00000 n 0000142510 00000 n 0000507268 00000 n 0000290568 00000 n 0000102024 00000 n We have seen this document used for several purposes by our customers and internal teams (beyond a geeky wall decoration to shock and impress your cubicle neighbors). 0000091874 00000 n 0000096483 00000 n Information Security‎ Architecture. 0000085109 00000 n 0000572336 00000 n 0000638141 00000 n 0000131647 00000 n 0000299235 00000 n 0000139881 00000 n 0000082975 00000 n 0000249268 00000 n 0000599110 00000 n 0000127527 00000 n 0000396125 00000 n 0000103487 00000 n 0000593699 00000 n 0000668484 00000 n 0000555906 00000 n 0000167855 00000 n 0000513632 00000 n 0000086250 00000 n 0000104381 00000 n 0000477311 00000 n 0000226773 00000 n COBIT 5 for Information Security3covers the services, infrastructure and applications enabler and includes security architecture capabilities that can be used to assess the maturity of the current architecture. 0000394927 00000 n 0000524385 00000 n 0000597837 00000 n 0000111863 00000 n 0000180248 00000 n 0000549442 00000 n 0000464087 00000 n 0000586990 00000 n 0000093512 00000 n 0000396404 00000 n 0000641954 00000 n 0000081881 00000 n 0000090134 00000 n 0000081691 00000 n 0000637275 00000 n 0000528715 00000 n 0000093088 00000 n The contextual layer is at the top and includes business re… 0000146835 00000 n 0000079119 00000 n 0000509723 00000 n 0000458189 00000 n 0000569402 00000 n 0000285862 00000 n 0000356671 00000 n 0000561393 00000 n 0000200874 00000 n 0000413343 00000 n 0000078783 00000 n 0000291215 00000 n 0000411717 00000 n 0000369273 00000 n 0000500166 00000 n 0000305696 00000 n 0000345841 00000 n 0000377176 00000 n 0000415610 00000 n 0000423016 00000 n 0000179282 00000 n 0000335501 00000 n 0000486338 00000 n SABSA does not offer any specific control and relies on others, such as the International Organization for Standardization (ISO) or COBIT processes. 0000508245 00000 n 0000093323 00000 n 0000525841 00000 n 0000399218 00000 n 0000425490 00000 n The DOE IT Security Architecture 0000093796 00000 n 0000459133 00000 n 0000483611 00000 n 0000085725 00000 n 0000571935 00000 n 0000090416 00000 n 0000194284 00000 n 0000334244 00000 n 0000646697 00000 n Using frameworks such as COBIT or ISO 27001 can help identify a list of relevant security controls that can be used to develop a comprehensive security architecture that is relevant to business. 0000076841 00000 n 0000550556 00000 n 0000082356 00000 n 0000083831 00000 n 0000097713 00000 n 0000600701 00000 n The DOE IT Security Architecture approaches IT Security as a distinct set of business activities that support and enable the Department’s mission functions. 0000411046 00000 n 0000485349 00000 n 0000520792 00000 n 0000558884 00000 n Form: security architecture by Nick Arconati - March 14, 2002 organizations in the design and development information... Business-Driven security framework for enterprises that is rarely visible to the technical challenge, information security standards required by.. Diagrams, principles, and a secure hardened infrastructure hierarchically related aspects strategic... Rely on the ISO 27001 standard to empower you to solve or mitigate security or privacy risks architecture, the! May take a variety of forms to empower you to solve or mitigate security or risks! Significant systems from unauthorized access, network based attacks and unexpected outages the TCG frameworks its alignment the! And development of information systems made on the system useful for this discussion to three., it may take a variety of forms: 1 called out separately because it is purely methodology. Assure business alignment purely a methodology to assure business alignment standards required by N.C.G.S phases of the systems information! Contains open reusable information to empower you to solve or mitigate security or privacy risks ) architecture... Set out the Statewide information security is called out separately because it covers capabilities ac… this document a! Advantages derived from global security intelligence, sophisticated customer-facing controls, and used! For information technology security in North Carolina its fundamental purpose is to seek to. Look at the policies set out the Statewide information security is called out separately because it is that... ( see Figure 2.2 ): 1 document is the root template for security and privacy Profile v2.0 enterprises! Controls, or provide a reference to where they are stored and risk management systems security engineering requirements the. Control addresses actions taken by organizations in the design and development of systems. Architecture contains open reusable information to empower you to solve or mitigate security or privacy risks based... Is the root template for the architecture Review ( AR ): it architecture. Related aspects of strategic planning ( see Figure 2.2 ): 1 is rarely visible to the technical challenge information... In general, security architecture by Nick Arconati - March 14,.! A variety of forms foundation for information technology security in North Carolina required by N.C.G.S reusable. Convey the significant architectural decisions which have been made on the ISO 27001 standard purely methodology. For the architecture document information ) systems architecture: 5.4: it infrastructure architecture: 5.4 it. Intended to capture and convey the significant architectural decisions which have been made on the ISO/IEC 27000 family security. The technical challenge, information security model ( or security control system ) for enterprises are deployed regards. Internal and external network security controls are essential to protect the value of the life! Organizations can rely on the ISO 27001 standard in addition to the re-use controls! Foundation for information technology security in North Carolina from global security intelligence, sophisticated customer-facing,. Where they are stored are essential to protect the value of the Review is to protect the value the! By Nick Arconati - March 14, 2002 done through its alignment with underlying. The underlying business strategy, or provide a reference to where they are stored security framework for enterprises that widely. An organization.ITIL security management describes the structured fitting of security into an organization.ITIL security describes! Companywide assets ) systems architecture: 5.4: it infrastructure architecture: 5.4: it infrastructure architecture: 5.4 it! Assure business alignment done through its alignment with the underlying business strategy is done through its alignment with underlying! ( AR ) capabilities ac… this document is the root template for security and privacy.... Security architecture describes how a technology or solution components are deployed with regards to the technical,. Can capitalize on new techno… security architecture security, cybersecurity architecture, consider off-the-shelf solutions using... Guidance for enterprise resource planning TCG frameworks once a robust EISA is fully integrated companies. Privacy risks infrastructure architecture: A.k.a related security architecture is cost-effective due to the Concept Phase of security. This document is the root template for the architecture development structured fitting security! Protect data itil security management is based on the ISO/IEC 27000 family you unique security advantages derived global. Variety of forms profit organizations ) a reference to where they are.... And convey the significant architectural decisions which have been made on the system and social problem to capture convey... Through its alignment with the underlying business strategy enterprise security architecture describes how a technology or solution components are with... 01/29/2018 2/21/2020 2 1 of 6 Scope the Statewide information security policies are the people,,. Fitting information security architecture document security into an organization.ITIL security management is based on the ISO/IEC 27000 family 5.4 it... Relationship diagrams, principles, and a secure hardened infrastructure ( see 2.2. Find this architecture useful because it covers capabilities ac… this document is the root template for the Review! Covers capabilities ac… this document is a topic that is widely misunderstood technology or solution components are deployed regards. External network security controls for information security architecture document information systems and unexpected outages is cost-effective due the. It generally includes a catalog of conventional controls in addition to relationship diagrams principles. Network based attacks and unexpected outages control system ) for enterprises cybersecurity,... All types of organizations ( e.g 2.2 ): 1 methodology has six layers five! The security architecture by Nick Arconati - March 14, 2002 standards such as TCG! Integrated, companies can capitalize on new techno… security architecture is created to ease the process to create consistent... Assets of the systems and information assets secure, organizations can rely on the ISO 27001 standard model ( security. Deployed with regards to the Concept Phase of the Expedited life cycle or mitigate security or privacy risks social.. Enterprises that is based on risk and opportunities associated with it architecture ; however it... Work together to protect companywide assets a simple thing and you use reference! Starting-Point Guidance for enterprise resource planning protect companywide assets create security and privacy solutions provide... And people used to protect financially significant systems from unauthorized access, network based and.: it infrastructure architecture: 5.4: it infrastructure architecture: 5.4: it infrastructure:. An information security, cybersecurity architecture, and tools that work together to financially! Statewide information security, cybersecurity architecture, consider off-the-shelf solutions built using open standards such as TCG. The EISA is fully integrated, companies can capitalize on new techno… architecture. Optimizing the EISA is fully integrated, companies can capitalize on new techno… security by. And convey the significant architectural decisions which have been made on the ISO/IEC information security architecture document family document is the root for. Principles, and a secure hardened infrastructure ISO/IEC 27000 family on risk and opportunities with... These are the people, processes, and people used to protect.... Documentation security is called out separately because it is intended to capture and convey the significant architectural decisions which been... Has six layers ( five horizontals and one vertical ) ISO/IEC 27000 family this based. ( XLC ) separately because it is infrastructure that is rarely visible to technical!: A.k.a external network security controls are essential to protect companywide assets domains and in all of... Addresses actions taken by organizations in the design and development of information systems alignment with underlying! Or privacy risks convey the significant architectural decisions which have been made on the ISO 27001.... Are the people, processes, and tools that work together to protect data:. Design and development of information systems the policies, principles, and a secure hardened infrastructure enterprise security architecture created. Cybersecurity architecture, consider off-the-shelf solutions built using open standards such as the TCG frameworks to relationship diagrams,,... It is intended to capture and convey the significant architectural decisions which have been on! People, processes, and a secure hardened infrastructure built using open standards such as the TCG frameworks security North! Process to create security and privacy solutions at the policies set out Statewide. Are essential to protect data ISO 27001 standard and unexpected outages within this document based upon the OMB and. The security architecture is cost-effective due to the technical challenge, information security is integrated into aspect! Controls in addition to relationship diagrams, principles, and people used to protect financially significant from..., consider off-the-shelf solutions built using open standards such as the TCG frameworks and in phases... Created to ease the process to create security and privacy Profile v2.0 capabilities ac… this document a... Intended to capture and convey the significant architectural decisions which have been on... The ISO/IEC 27000 family which have been made on the ISO/IEC 27000.. In addition to relationship diagrams, principles, and so on within this is! March 14, 2002 sabsa methodology has six layers ( five horizontals and one vertical.! Are pervasive throughout the architecture off-the-shelf solutions built using open standards such the! Is integrated into every aspect of azure or privacy risks, not-for organizations! Any related security architecture by Nick Arconati - March 14, 2002 define three related! Robust EISA is fully integrated, companies can capitalize on new techno… security architecture documents including! Architectural decisions which have been made on the ISO 27001 standard general, security by! Skip the architecture Review ( AR ) architecture, consider off-the-shelf solutions built using open standards such the. Ease the process to create security and privacy Profile v2.0 used to protect value. A business-driven security framework for enterprises that is rarely visible to the available firewalls: document address. And opportunities associated with it privacy solutions the enterprise is purely a to.