What Is Security Architecture?

Security concerns are pervasive throughout all the architecture domains, and all phases of the TOGAF ADM.  The Security Architect is active whenever a new threat is recognized or experienced, and any time a new IT architecture initiative discovers new stakeholders and/or new requirements.  So what is Security Architecture?

Security Architecture deals with the when, how and where of security control application, and addresses the potential risks involved for an organization in certain scenarios or environments.

Security Architecture in many cases helps to define the relationship between the various components inside the IT architecture, their dependencies and the specifics of their interaction.  This gives it an association with Data Architecture, but Security Architecture can take many forms, such as risk management, benchmarking, financial & legal, and regulatory.

Free TOGAF Downloads!The Security Architect commonly takes the initiative through a four-phase journey, beginning with a risk assessment that examines the likelihood and potential effect of security threats to business assets.

This will inform the second phase, during which the enterprise’s security specifications are designed and mapped.

The architecture arising from the second phase is then implemented, operated and controlled in the third phase.

The fourth phase comprises the operating and monitoring of day-to-day security processes, such as threat and vulnerability management.

Like all architectures, Security Architecture relies on certain fundamental principles, such as the separation of concerns, abstraction, and the creation of conceptual models and formal specifications.

Free TOGAF Downloads!

Previous articleAccredited IT4IT Reference Architecture Training
Next articleLean: The 5S Methodology – A Short Video Guide
Richard has been involved in IT training for over fifteen years, starting his career as a classroom trainer in 2000. Gaining his classroom experience in the City with long stints at organizations such as Goldman Sachs and Morgan Stanley, Richard made the switch to eLearning development and instructional design in 2009 with Thomson Reuters’ On Demand channel. Joining Good e-Learning in 2015, he has been heavily involved in bringing the Open Group’s IT4IT Reference Architecture Standard to an eLearning audience, and continues to work closely with the team at Good e-learning on other new and exciting projects.