The SABSA Institute

The SABSA Institute is the professional member and certification body for Enterpise Security Architects of all specialisms and at all career levels. It governs the on-going development and management of SABSA Certification and Education programmes world-wide.

The SABSA Institute develops and maintains the method and certifies and accredits the professional Architects who use it in approximately 70 countries around the world.

The Institute is tasked with providing confidence and assurance of members’ competencies to design, deliver, and manage business security architectures through testing professional proficiency in all aspects of Enterprise Security Architecture as delivered by the SABSA Method.


SABSA is a proven methodology for developing business-driven, risk and opportunity focused Security Architectures at both enterprise and solutions level that traceably support business objectives.

It is also widely used for Information Assurance Architectures, Risk Management Frameworks, and to align and seamlessly integrate security and risk management into IT Architecture methods and frameworks.


SABSA is comprised of a series of integrated frameworks, models, methods and processes, used independently or as an holistic integrated enterprise solution, including:

  • Business Requirements Engineering Framework (known as Attributes Profiling)
  • Risk and Opportunity Management Framework
  • Policy Architecture Framework
  • Security Services-Oriented Architecture Framework
  • Governance Framework
  • Security Domain Framework
  • Through-life Security Service Management & Performance Management Framework