A global organization has determined that its primary security governance requirement is to create a comprehensive model that connects high-level business objectives with specific technical security implementations. Which security control framework would be BEST suited for these requirements?
International Organization for Standardization framework
National Institute of Standards and Technology framework
Control Objectives for Information and Related Technology
Sherwood Applied Business Security Architecture (SABSA) is the correct answer because it provides a layered architectural model that helps organizations trace security requirements from business drivers all the way through to technical implementation. SABSA uses six layers (Business, Architect's, Designer's, Builder's, Tradesman's, and Service Manager's views) to ensure security solutions are aligned with business needs at every level.
The other frameworks, while valuable, don't provide the same comprehensive architectural approach to linking business objectives with technical implementations. NIST frameworks focus more on specific security controls and risk management approaches. ISO 27001 is centered around Information Security Management Systems with less emphasis on architectural design. COBIT offers IT governance and management practices but doesn't provide the same level of architectural guidance that connects business vision directly to technical implementation details.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the six layers of SABSA?
Open an interactive chat with Bash
How does SABSA differ from other security frameworks?
Open an interactive chat with Bash
What is the purpose of connecting business objectives with technical implementations in security?
Open an interactive chat with Bash
ISC2 CISSP
Security and Risk Management
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access