The SABSA Foundation training consists of two parts with various theory lessons and workshop sessions, supplemented with case studies based on real-life practical experiences. The 5-day SABSA Foundation training covers the entire content of SABSA and prepares you for the official SABSA Foundation exam.

F1: Security Strategy & Planning

In this module, you will learn how the SABSA framework can help you build a successful security strategy and architecture. Through presentations, case studies, and workshops, this knowledge is effectively transferred, and you will learn to shape your security strategy, design, and management processes in such a way that you can optimally align business objectives with information security.

F2: Security Management & Design.

This module builds on the strategy defined in module F1 to create a roadmap for designing, implementing, and supporting a range of consistent and high-quality security strategies.

Participants will learn how to design, implement, and support a comprehensive architecture for security services using the SABSA lifecycle, which fully and seamlessly integrates with their existing IT management and business infrastructure.

The SABSA Foundation Modules (F1 & F2) form the official starting point of the SABSA Institute for developing competencies in security architecture. The SABSA Foundation Training is designed to create a broad base of knowledge and understanding of the SABSA method, the associated frameworks, concepts, models, and techniques. Theories and concepts are tested in 'proof-of-concept'-like case studies and workshops, providing participants with practical insights into how SABSA is applied.

What is SABSA? 

SABSA® (Sherwood Applied Business Security Architecture) is a proven framework for Enterprise Security Architecture and an approach to risk management within both business and government. The SABSA framework is successfully used worldwide for Risk Management, Information Assurance, and Continuity Management.

The primary philosophy of the SABSA framework is to always reason back to the primary “business requirements” for information security. From the analysis of the business requirements, the strategy is then determined, and processes are established and optimized. A significant difference from other methodologies is that in SABSA, the processes are not leading, but the wishes of the business.

The SABSA Framework is the intellectual property of John Sherwood, who can rightly be called one of the gurus of Security Architecture.

SABSA is based on the traditional layered architecture. In developing the SABSA model, the work of John A. Zachman has been broadly followed. SABSA is to Security Management what ITIL is to Service Management, PRINCE2 is to Project Management, and TOGAF is to Enterprise Architecture.

SABSA is the leading open method for delivering coherent information security solutions within organizations. The SABSA Framework ensures that the security needs of your organization are fully met and that they are designed, delivered, and supported as an integral part of the IT management infrastructure.