SABSA Is A Top To Bottom Framework And Methodology

SABSA® Foundation

SABSA® is the world’s leading open security architecture framework and methodology. SABSA is a top-to-bottom framework and methodology to conceive, conceptualise, design, implement and manage security in a business-driven model.

80% of Global Fortune 500 organizations are expected to adopt DevOps by 2021 – CA.

ADP, BBC News, ebay, GE, ING, Intuit, PayPal, Splunk, Uber & other MNCs worldwide use DevOps.

Be future ready. Start learning
Structure your learning and get a certificate to prove it.
Start Learning

Sabsa Foundation UpComing Batches

Jul-10 - Aug-21


Timings: 07:00 AM To 10:00 AM (IST)

350.00     Enroll Now

Jul-20 - Aug-31


Timings: 07:00 AM To 10:00 AM (IST)

350.00     Enroll Now

Aug-10 - Sep-21


Timings: 20:30 PM To 23:30 PM (IST)

350.00     Enroll Now
Be future ready. Start learning
Structure your learning and get a certificate to prove it.
Start Learning

Course Curriculum

SABSA® Foundation


SABSA® is the world’s leading open security architecture framework and methodology. SABSA is a top-to-bottom framework and methodology to conceive, conceptualise, design, implement and manage security in a business-driven model.

  • WEEK 5-6
  • 10 Modules
  • 6 Hours
Self Paced

Information Security Strategy, Benefits and Objectives.

  • Security: A Cultural Legacy as a Business Constraint.
  • Technical Legacy of Tactical Point Solutions.
  • Security Strategy, Tactics and Operations.
  • Critical Success Factors for Business, IT and Security.
  • Measuring and Prioritising Business Risk.
  • Enabling Business and Empowering Customers.
  • Adding Value to the Core Product.
  • Protecting Relationships and Leveraging Trust.

  • Information Security and its Role in the Modern Enterprise.
  • Enterprise Security Architecture: Definition and Principles.
  • The History of SABSA Development.
  • Introduction to the SABSA Model.
  • The Business View of Security: Contextual Architecture.
  • The Architect’s View of Security: Conceptual Architecture.
  • The Designer’s View of Security: Logical Architecture.
  • The Builder’s View of Security: Physical Architecture.
  • The Tradesman’s View of Security: Component Architecture.
  • The Service Manager’s View of Security: Operational Architecture.
  • Traceability from Business Requirements to Deployed Solutions.
  • The SABSA Matrix and Service Management Matrix.

Business Requirements & How To Define Them.

  • Business Goals, Success Factors and Operational Risks.
  • Business Processes and the Need for Security.
  • Location Dependence of Enterprise Security Needs.
  • Organisation and Relationships Affecting Enterprise Security.
  • Time Dependency of Enterprise Security.
  • Collecting Enterprise Requirements for Security.
  • Creating a Business Attributes Profile.
  • Defining Control Objectives.

  • Managing Complexity.
  • Systems Engineering for Security.
  • Architectural Layering.
  • End-to-End Security.
  • Defence-in-Depth Models.
  • Security Domains.
  • Security Associations.
  • Trust Modelling.
  • Organisation & Workflow.
  • Infrastructure Strategy.
  • Management Strategy.

The Strategy Programme & Architecture Delivery.

  • The SABSA Development Process.
  • The SABSA Lifecycle.
  • Strategy and Concept Phase Processes and Sub-processes.
  • Design Phase Processes and Sub-processes.
  • Implement Phase Processes and Sub-processes.
  • Manage and Measure Phase Processes and Sub-processes.
  • Top-down Decomposition of the SABSA Model.
  • Scope, Deliverables and Project Sequencing.

  • Introduction to Return on Investment & Return of Value.
  • Defining the Benefits and Value Propositions.
  • Selling the Benefits.
  • Getting Sponsorship and Budget.
  • Building the Team.
  • Team Competency Assessment & Development.
  • Programme Planning and Management.
  • ‘Fast Track’ Start-up Programmes.
  • Collecting the Information You Need.
  • Gaining Consensus on the Conceptual Architecture.
  • Strategic Architecture Governance, Compliance and Maintenance.
  • Identifying Quick Wins and Gaining Long Term Confidence.

The Sabsa Security Management Framework.

  • SABSA in the I.T. Lifecycle.
  • Using SABSA To Integrate Other Methods, Models & Standards.
  • SABSA and the ITIL Framework.
  • SABSA and CobIT.
  • SABSA and Project Management Standards.
  • SABSA and ISO Security Standards.
  • SABSA and IT Architecture.

Security Policy Management.

  • Policy Principles.
  • Policy Content, Hierarchy & Architecture.
  • Security Policy Making.
  • Information & Systems Classification.
  • Third Party & Outsourcing Strategy & Policy Management.

  • The Meaning of Risk.
  • Risk Philosophy & Methodology.
  • Corporate Governance & Enterprise Risk Management.
  • Risk Measurement and Risk Assessment.
  • Risk Mitigation.
  • Risk Appetite.
  • Risk Management Tools.
  • Measuring Success of Risk Management.

Security Organisation & Responsibilities.

  • Security Governance.
  • Security Culture Development,Training & Awareness.
  • Ownership & Custody.
  • Service Provider & Customer Roles in Security Management.
  • Enterprise Audit & Review Framework.

  • Business Continuity Planning.
  • Contingency Planning.
  • Crisis Management.
  • Business Recovery Planning.

  • Technical Assurance of Security Correctness & Completeness.
  • Managing the Assurance Process for Systems & Software Development.
  • Assuring Integrity and Acceptable Use of Systems & Software.
  • Principles of Multi-phased Testing.

Security Services Architecture.

  • Information as the Logical Representation of Business.
  • Logical Entities & Their Relationships.
  • Using Trust Models to Define Security Services.
  • Security Domains, Domain Definitions & Associations.
  • Security Processing Cycle.

Security Services Architecture.

  • Security Rules, Practices & Procedures.
  • Security Mechanisms.
  • User Security.
  • Platform & Network Security.
  • Infrastructure for Service Delivery.
  • Technical Standards & Components.

Operational Security Services.

  • Incident Management.
  • Incident Response.
  • Problem Management.
  • Change Management.
  • Continuity, Crisis & Recovery Management.

  • Security Service Management.
  • Security Mechanism Management.
  • Security Component Management.
  • System Management & Administration.
  • User Management & Administration.
  • Security Audit Management.
  • Security Operations.
  • Product Evaluation & Selection.

Return on Investment & Return of Value.

  • Return on Investment.
  • Net Present Value.
  • Internal Rate of Return.
  • Defining Value Metrics.
  • Business Attributes & Return of Value.

Program Syllabus


You can also view the program syllabus by downloading this program Curriculum.


What are the system requirements for this courses?

The system requirements include Windows/Mac/ Linux PC, minimum 4GB RAM, 20 GB HDD Storage and Core i3 or above processor.

How will I execute the practicals?

All the Demo/Hands-on are to be executed on OL Tech Edu Pre-configured Virtual Machine. The detailed installation guides are provided in the LMS for setting up the environment. For any doubt, the 24*7 support team will promptly assist you.

Which case studies or projects are a part of this course?

These case studies are real life business scenarios that a DevOps Engineer will face in his daily work-life. Problem Statement: Company AppleBite is using Cloud for one of their products. The project uses many modular components, different frameworks, components developed by different teams or by 3rd party partners, open source libraries etc.

Course Certification

OL Tech Edu’s Certificate Holders work at top 500s of companies like


Explore step by step paths to get started on your journey to Jobs of Today and Tomorrow.

Instructor-led Sessions

30 Hours of Online Live Instructor-Led Classes.
Weekend Class : 10 sessions of 3 hours each.

Real Life Case Studies

Real-life Case Studies

Live project based on any of the selected use cases, involving implementation of the various real life solutions / services.



Each class will be followed by practical assignments.

24 x 7 Expert Support

24 x 7 Expert Support

We have 24x7 online support team to resolve all your technical queries, through ticket based tracking system, for the lifetime.



Towards the end of the course, OL Tech Edu certifies you for the course you had enrolled for based on the project you submit.

Course FAQ's

Enroll, Learn, Grow, Repeat! Get ready to achieve your learning goals with OL Tech Edu View All Courses

© 2015 - 2024 OL Tech Edu. All Rights Reserved.
Designed, Developed & Powered by MNJ SOFTWARE

The website is best experienced on the following version (or higher) of Chrome 31, Firefox 26, Safari 6 and Internet Explorer 9 browsers