”Open Enterprise Security Architecture” aspires to be a collection of useful information around a structured way of developing and governing enterprise security. As such it focuses on challenges that are seen when looking top down into complex scenarios instead of taking a bottom up approach of combining individual security capabilities and hoping that the in detailed worked out individual solution components make for a balanced whole.
The information that eventually should be fully covered by this site will address the following areas of concern:
- Foundations
Explaining what ESA means, the scope, roles and deliverables you should expect.
- Methodology
A general and repeatable approach that combines existing frameworks and methodology into a set of repeatable step that should provide most organizations with a way to repeatedly produce security planning relevant artefacts.
- Accelerators
Common building blocks for the delivery of typical sets of security capabilities found across most organizations.
- Governance and Tooling
Information on what processes, structures and tools are required to successfully run an Enterprise Security Architecture function in your business and how to effectively integrate it with other functions.
If you want to get involved by contributing to this site, please have a look at the “Community and Collaboration” section.