Definitions Edit

The information security architecture is

the security-related aspects of the enterprise architecture that are incorporated into the enterprise architecture definition as an integral part of the architecture development — that is a sub-architecture derived from the enterprise architecture, not a separately defined layer or architecture.[1]
a description of security principles and an overall approach for complying with the principles that drive the system design, i.e., guidelines on the placement and implementation of specific security services within various distributed computing environments.[2]
[a]n embedded, integral part of the enterprise architecture that describes the structure and behavior for an enterprise's security processes, information security systems, personnel and organizational subunits, showing their alignment with the enterprise's mission and strategic plans.[3]

References Edit

  1. NIST Special Publication 800-39, at 10 n.20.
  2. NIST Special Publication 800-27.
  3. NIST Special Publication 800-53, App. B, Glossary.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.