Little else has impacted enterprise operations like the emergence of IT, but many organisations are still lagging behind when it comes to effect management and development.
Risk management, information assurance, governance and continuity management are all areas that enterprises need to address in order to assure control over IT operations, as failing to do so can mean new technologies and trends are never fully utilised.
There are a number of frameworks and methodologies that can support enterprises in these areas, and all deserve consideration.
This article will explore one of these frameworks, SABSA, the necessary certification programs to ensure effective use, and a breakdown of exactly what it is
What is SABSA
SABSA, like ITIL, is a framework that has been proven through extensive development, and is currently used to great effect around the globe. It's largely utilised by enterprises to meet a variety of needs, including risk management, information assurance, IT governance and continuity management.
It's currently the world's leading open security architecture framework, and for good reason. SABSA is a top-to-bottom framework and methodology designed specifically to manage security in a business driven model.
By handling the process from when it's conceived, through to conceptualisation, design and implementation, security is assured.
Following inception in 1995, organisations across a variety of sectors and industries have adopted SABSA as the framework of choice. Through integration, SABSA ensure that enterprise needs are fully met, and security services are designed, delivered and supported as part of the business.
Organisations need to consider how frameworks like SABSA can advance and secure operations, and undertake the necessary training and courses to educate personnel. Following an understanding of SABSA, enterprises can move forward with a higher level of security, risk management and IT governance.
The SABSA roadmap
A certification program is the best way for an enterprise to take advantage of SABSA, and it's important to understand how the program works. The ALC Training program, for example, is structured into three areas, outlined below.
- Foundation – This forms as a base for certification, and is both mandatory and essential for any further forms of training. Building a strong understanding during a foundation course can develop a solid base for later modules.
- Advanced Modules – The middle stage before topical masters classes, advanced modules count towards the later stages.
- Topical Master classes – These are two-day non-exam events, designed to cover any speciality areas of interest to the business. The classes offer credits toward certification, helping to make the process easier.
Architectural design
For those within the business who want to take SABSA certification further, the Advanced courses are the best approach. The chartered architect programme is a certification awarded by the SABSA Institute, and can help to further the knowledge of those who have already undertaken Foundation training and developed field experience.
The SABSA Module A3 course focuses on group discussions, personal research and even practical workshops, as opposed to teaching new materials. This isn't a technology course, however, as it's designed to teach SABSA process application to architecture development and design for businesses.
Risk, Assurance and Governance
Once a groundwork of SABSA knowledge has been laid, developed and tested, enterprises can begin to develop and demonstrate confidence of SABSA with the advanced risk assurance and governance modules.
These are designed to achieve valuable results for both the benefit of the business and the individual. This module is able to provide employers and peers with confidence that a successful SABSA candidate has demonstrated capability in a number of areas.
Candidates should effectively be able to analyse and assess business problems and business requirements, and apply their skills under the pressure of examinations.
SABSA training needs to be considered by enterprises, and training given to staff in order to effectively ensure risk management and governance.