The SABSA Community at Large

The community includes all persons and corporate organisations with a professional or personal interest in the activities and goals of The SABSA Institute.


Individual Members

Those individuals who and choose to become registered as Members.


Chartered Members

Those individuals who and choose to become registered as Members.


Corporate Sponsors of the Institute

Corporate bodies from industry, commerce, education, government, military and charitable work that have a sufficient interest to invest either financial support, or human resources, or both, in the development of the SABSA IP for the benefit of the entire community, including the benefits to them.


Corporate & Governmental Users of SABSA

Corporate bodies, especially large publicly owned companies quoted on stock exchanges, and governments and their agencies whose internal governance requires them to be fair, equitable and duly diligent in the expenditure of their funds, and who cannot choose to adopt SABSA without a high level of assurance as to its provenance, longevity, and freedom from commercial exploitation.



The SABSA Institute has established a global network of Accredited Education Partners (AEPs) to deliver the official SABSA education and training programme. For more details see the pages on Training and Certification.

In the future the Institute will also establish a network of Accredited Audit Partners (AAPs) to audit SABSA compliant tools so as to offer a ‘SABSA Approved’ kite-mark on certain products (such as software tools) from third party vendors.



The SABSA Institute seeks to make alliances with other similar governing bodies whose purpose is to publish standards and methods for risk management and security architecture. As much as possible the Institute seeks to align the SABSA framework with these other standards so as to provide the most seamless integration for architects and engineers designing and building business systems and needing to call on multiple sources for their standards and guidance.

As an example of this, The SABSA Institute has been collaborating for some time with The Open Group on a number of development projects. One such project is the joint development of a Security Services Catalogue for use by those designing solution architectures and needing source material to help them along. The first report from this project group is now released and published and is available at Other projects are in the pipeline and will eventually be published by the Institute.



Initially these include the UK Secretary of State for Business, Energy and Industrial Strategy (formally Business, Innovation and Skills) and the UK Community Interest Companies Regulator who will regulate The SABSA Institute to create the assurance that the Institute is properly run according to it’s official status both as an ‘institute’ and as a ‘community interest company’.

However, many corporate users of SABSA are (and/or will in the future be) regulated firms in industries such as banking, insurance, civil aviation, energy provision, pharmaceuticals, health care, road and rail transport, telecommunications and critical national infrastructure in general. Part of the regulation of these industries is to set requirements for risk management, including information risk management, and to supervise the implementation of solutions that are compliant with the regulations. We propose SABSA as a tool that will assist with this regulatory process, enabling regulated firms better to demonstrate their levels of compliance and competence.