SABSA Certification

The SABSA Certification framework is a comprehensive, competencies-based testing programme that provides employers and peers with assurance and confidence that employees, job candidates, service providers and contractors have the professional capability to meet the needs of your organisation to design, deliver and manage enterprise security architectures. It tests professional proficiency in all aspects of enterprise security as delivered by the SABSA method.

The framework is based upon world-leading educational best practices and consists of:

  • A comprehensive Body of Knowledge;
  • A detailed multi-layer Competency Development Framework constructed using the leading skills development framework Bloom’s Taxonomy of Cognitive Levels;
  • Career Roadmaps that recognise the range of specialisms increasingly required as a career develops, and define clear paths of career progression;
  • Three certification levels that indicate stages of proficiency from knowledge and understanding of the subject up to demonstration of the advanced competencies required of a master of the profession.

The competencies framework and its associated training programme go much further than knowledge-based certification efforts and are designed to develop and enhance professional capabilities in a measurable way whilst focusing on the specialist areas of the candidate’s chosen career path.

SABSA Education
Official SABSA Training is available through a network of licensed Accredited Education Providers (AEPs) each of which is rigorously assessed the The SABSA Institute for delivery quality and experience. All training courses must be presented by the SABSA Masters.

Check current schedules for authorised training in your region.

SABSA Competency Framework

The SABSA Certification Framework goes much further than other certification efforts, which are largely knowledge-based. The SABSA syllabus comprises of a set of required professional competencies expressed as a series of task-oriented or behavioural learning objectives.

Each objective must:

a) show that the candidate has acquired the relevant knowledge and

b) demonstrate that the candidate has the appropriate level of skill to apply that knowledge. Together knowledge and skill make up a competency.

The SABSA Certification Framework utilises the leading educational framework published by Benjamin S. Bloom as a “Taxonomy of Educational Objectives” (Allyn & Bacon, Pearson Education 1984). The table below shows an overview of SABSA’s six-layer Competency Framework using Bloom’s taxonomy.


SABSA Certification Roadmap
From Foundation level certification which requires a candidate to pass two test modules covering the major principles, design concepts, and management processes of Enterprise Security Architecture, up to Master level certification which demonstrates advanced competencies and leadership in a chosen area of specialism, the SABSA certification framework is suitable for Security Architects at all career levels.  There are three levels of qualification:

  • SABSA Chartered Foundation (SCF) Certificate
  • SABSA Chartered Practitioner (SCP) Certificate
  • SABSA Chartered Master (SCM) Certificate


SABSA Chartered Security Architect – Foundation Certificate (SCF)

The SABSA Foundation Modules (F1 & F2) are The SABSA Institute’s official starting point for developing Security Architecture Competencies.  They are designed to create a broad-spectrum of knowledge and understanding of the SABSA method, its frameworks, concepts, models & techniques.  Theories and concepts are put to the test in ‘proof-of-concept- style case study exercises and workshops so that candidates can understand how SABSA is best applied to meet the challenges of the real world.

Foundation – Certification Process

Step 1 – Attend an official SABSA Foundation training course offered by a licensed provider.

Step 2 – Pass Foundation Examination Modules F1 and F2.

Foundation – Examination Format & Prerequisites

Examination candidates must attend an official training course and register through an official SABSA AEP.

Each of the two Foundation modules F1 and F2 consists of 48 multiple choice questions and candidates must score 75% or greater in each module to gain a Pass.

Each test module is of 60 minutes duration but candidates for whom English is not a first language may apply for an additional 15 minutes per module.

SABSA Chartered Security Architect – Practitioner Certificate (SCP)

Advanced training modules required to obtain Practitioner certification expand a candidate’s delivery capability far beyond the knowledge of comprehension tested at Foundation level into a practical demonstration of the development and demonstration competencies to apply SABSA and achieve valuable results for the benefit of the organisation and the individual.

A successful candidate is required to demonstrate the competence and ability to:

  • Analyse and assess business problems and business-driven requirements;
  • Apply, modify and customise the SABSA method to strategise and innovate specific solutions to meet the unique requirements of their organisation, culture and sector;
  • Design and create the work-product required to establish and operationalise SABSA for the solution strategies in their unique environment;
  • Assess, evaluate and test concepts and theories by populating the work-product they design for real-world application;
  • Apply and measurably demonstrate their skills under the pressure of examinations.

Advanced Course module options are:

A1 – Advanced SABSA Risk, Assurance & Governance

A3 – SABSA A3 – Architecture Design Development

SABSA Chartered Security Architect – Certification Process

Step 1 – Attend any one official SABSA Advanced training course offered by a licensed provider. The Advanced course module options are:

A1 – Advanced SABSA Risk, Assurance & Governance

A2 – Advanced SABSA Architecture Program Management

A3 – Advanced SABSA Architecture Design

A4 – Advanced SABSA Incident, Monitoring & Investigations Architecture

A5 – Advanced SABSA Business Continuity and Crisis Management

Step 2 – Pass the corresponding Advanced Examination Modules (A1 to A5).

SABSA Chartered Security Architect – Examination Format & Prerequisites

Examination candidates must have previously attended an official SABSA Foundation training course prior to participating in an Advanced module. The SCF certification is a pre-requisite to obtaining an SCP.

It is not possible to assess Advanced competency using multiple-choice testing techniques so Advanced module examinations take the form of demonstrable assignments. Examination papers contain 5 questions from which candidates must choose 2 to answer. Using examples from real working environments, or by creating a case study, or a combination of both, candidates are required to assess issues, evaluate solution approaches, and customise and apply the SABSA method and framework to create and populate appropriate SABSA work-products (techniques, tools, templates, models, frameworks, etc.).

Answers are assessed exclusively against the competencies requested in the paper from competency level 3 (such as ‘Apply’) up to competency level 6 (such as ‘Invent’).

Papers are dual marked by two SABSA Masters and candidates must score 75% or greater to gain a Pass.

Candidates have four weeks to return completed examination answers.

SABSA Chartered Security Architect – Master Certificate (SCM)

A SABSA Master certificate demonstrates the very highest levels of Security Architecture capability and leadership.

Master Certification Process

Step 1 – Attend a second official SABSA Advanced training course in addition to the module chosen for Practitioner level certification. The Advanced course module options are:

A1 – Advanced SABSA Risk, Assurance & Governance

A2 – Advanced SABSA Architecture Program Management

A3 – Advanced SABSA Architecture Design

A4 – Advanced SABSA Incident, Monitoring & Investigations Architecture

A5 – Advanced SABSA Business Continuity and Crisis Management

Step 2 – Pass the corresponding Advanced Examination Modules (A1 to A5).

Step 3 – Submit a SABSA Master Thesis for assessment and gain a “Pass”.

Master Examination Format & Prerequisites

Masters candidates must have previously obtained an SCP certification.

Read the Guidelines for SCM Theses for further information.