Security Architecture Design

Translate strategies into implementable designs that will effectively enable organisations to achieve goals & objectives

Enterprise Security Architecture design transforms security strategies into business-aligned, risk-prioritized security capabilities and solutions architected to enable organisations to meet their business goals and objectives. The SABSA Methodology is a layered, modular approach to aligning and integrating business goals and objectives with the full spectrum of security elements, including people, process, and technology, to create a holistic, inter-connected and mutually supporting collection of cybersecurity capabilities, controls, and solutions.

Value

DLC security architecture designs deliver holistic security that enables the organisation in its pursuit of business goals and objectives by designing the right control, for the right place, for the right time, at the right price to demonstrably deliver cost-effective, business-enabling security.

Process

The Design Process builds on the ESA strategic concepts and frameworks delivered by the Security Strategy Service to develop layered, fully aligned, integrated, and implementable security designs comprising asset risk management targets and the associated policies, processes and procedures, components, and standards. The design process continues SABSA’s layered, modular approach to traceably transform, in turn, each set of architecture layer components into lower layer representations. The result is a comprehensive, integrated set of mutually supporting and reinforcing security elements.

Outcomes

The DLC Design Service delivers value through implementable enterprise security architecture designs to:

  • Adapt, integrate, and align existing enterprise frameworks, methods, and standards
  • Expand application of a business-driven approach to security enterprise-wide
  • Demonstrate a measurable contribution from security to business performance targets and risk appetite
  • Achieve cohesion between functions by delivering end-to-end and through-life integration with EA, Quality, Governance, Risk and Compliance, Service Management, Security Operations, Business Continuity, Process Engineering, Project Management, and Physical Security