What is a security reference architecture, and how do you develop one for an organization? Explain how frameworks like NIST and SABSA guide architectural decisions, and how you ensure the architecture remains aligned with evolving business needs.

Question

Accepted Answer

A security reference architecture is a standardized blueprint that defines the security controls, patterns, and principles an organization uses to protect its systems, data, and operations.

What is a security reference architecture, and how do you develop one for an organization? Explain how frameworks like NIST and SABSA guide architectural decisions, and how you ensure the architecture remains aligned with evolving business needs.

Sample answer preview

Unlock the full answer