oblakaoblaka

information security architecture document

Vydáno 11.12.2020 - 07:05h. 0 Komentářů

0000671530 00000 n 0000159934 00000 n 0000359413 00000 n 0000222112 00000 n 0000135603 00000 n 0000592395 00000 n 0000315137 00000 n 0000516295 00000 n 0000602231 00000 n 0000248585 00000 n 0000448368 00000 n 0000524090 00000 n 0000105839 00000 n 0000496463 00000 n 0000398582 00000 n 1. 0000552541 00000 n 0000078118 00000 n 0000265217 00000 n 0000090369 00000 n 0000220140 00000 n 0000326523 00000 n 0000247148 00000 n 0000437789 00000 n 0000370918 00000 n The type of security technology that is used depends on how the enterprise security architecture is designed, implemented, and supported via corporate security standards. Azure offers you unique security advantages derived from global security intelligence, sophisticated customer-facing controls, and a secure hardened infrastructure. 0000559585 00000 n 0000405261 00000 n 0000513632 00000 n 0000109748 00000 n 0000223867 00000 n 0000472912 00000 n 0000103158 00000 n 0000625948 00000 n 0000345058 00000 n 0000100513 00000 n 0000226773 00000 n 0000169896 00000 n 0000076653 00000 n 0000451865 00000 n 0000428456 00000 n 0000658650 00000 n 0000497032 00000 n 0000263883 00000 n 0000100608 00000 n 0000466413 00000 n 0000161778 00000 n 0000082165 00000 n 0000086725 00000 n 0000157779 00000 n 0000418989 00000 n 0000088290 00000 n 0000087106 00000 n 0000178890 00000 n 0000603831 00000 n 0000110265 00000 n 0000093276 00000 n 0000297059 00000 n %%EOF 0000495311 00000 n 0000097713 00000 n 0000509992 00000 n 0000128148 00000 n SABSA is a business-driven security framework for enterprises that is based on risk and opportunities associated with it. 0000698068 00000 n 0000096388 00000 n 0000450303 00000 n 0000541809 00000 n 0000185708 00000 n 0000465967 00000 n 0000404434 00000 n 0000540102 00000 n 0000679442 00000 n 0000549699 00000 n 0000471790 00000 n 0000385216 00000 n 0000305696 00000 n It is useful for this discussion to define three hierarchically related aspects of strategic planning (see Figure 2.2): 1. 0000081834 00000 n 0000636696 00000 n 0000294117 00000 n 0000363269 00000 n 0000387440 00000 n 0000416017 00000 n 0000399833 00000 n 0000105745 00000 n 0000086202 00000 n 0000414017 00000 n 0000526706 00000 n 0000077928 00000 n Security Architecture involves the design of inter- and intra-enterprise security solutions to meet client business requirements in application and infrastructure areas. 0000096199 00000 n 0000394927 00000 n 0000107108 00000 n 0000108383 00000 n 0000096008 00000 n 0000606514 00000 n 0000225327 00000 n 0000095350 00000 n 0000319705 00000 n 0000091028 00000 n 0000104570 00000 n 0000077406 00000 n 0000093182 00000 n 0000663239 00000 n 0000192055 00000 n 0000098136 00000 n 0000613038 00000 n 0000382290 00000 n 0000227201 00000 n 0000082118 00000 n 0000522102 00000 n 0000090134 00000 n 0000610920 00000 n 0000629443 00000 n 0000082213 00000 n 0000104805 00000 n 0000104993 00000 n 0000188690 00000 n 0000605948 00000 n 0000255814 00000 n 0000652987 00000 n 0000103534 00000 n 0000591376 00000 n 0000100038 00000 n 0000601678 00000 n 0000462621 00000 n 0000698463 00000 n 0000489146 00000 n 0000077217 00000 n 0000102212 00000 n 0000579548 00000 n 0000165437 00000 n 0000112145 00000 n 0000342559 00000 n 0000162589 00000 n 0000148185 00000 n 0000105275 00000 n 0000334244 00000 n 0000102024 00000 n 0000374087 00000 n 0000355018 00000 n 0000084348 00000 n 0000214150 00000 n 0000466277 00000 n 0000546126 00000 n 0000106779 00000 n 0000580807 00000 n 0000099320 00000 n 0000357586 00000 n 0000365807 00000 n 0000191753 00000 n 0000530643 00000 n 0000559114 00000 n 0000362826 00000 n 0000109701 00000 n 0000150850 00000 n 0000365008 00000 n 0000419360 00000 n 0000077076 00000 n 0000400119 00000 n 0000085868 00000 n 0000146467 00000 n 0000421182 00000 n 0000546939 00000 n 0000092673 00000 n 0000514233 00000 n 0000419654 00000 n 0000095444 00000 n 0000393318 00000 n 0000080877 00000 n 0000556667 00000 n 0000085298 00000 n 0000110547 00000 n 0000673134 00000 n 0000385926 00000 n 0000108097 00000 n 0000152444 00000 n 0000552301 00000 n 0000084490 00000 n Information security is partly a technical problem, but has significant 0000103064 00000 n 0000168158 00000 n 0000529729 00000 n 0000082356 00000 n 0000347952 00000 n 0000366239 00000 n 0000508517 00000 n 0000642824 00000 n 0000630584 00000 n Instructions: Insert any related security architecture documents, including integrity controls, or provide a reference to where they are stored. 0000651301 00000 n 0000330045 00000 n 0000423932 00000 n 0000084443 00000 n 0000121743 00000 n 0000556163 00000 n 0000297360 00000 n 0000095209 00000 n 0000100750 00000 n 0000416995 00000 n Information security is a set of practices intended to keep data secure from unauthorized access or alterations. 0000094786 00000 n 0000164105 00000 n 0000573760 00000 n 0000406266 00000 n 0000643153 00000 n 0000297867 00000 n 0000094551 00000 n 0000449118 00000 n 0000387906 00000 n 0000320136 00000 n 0000569647 00000 n �~���Ah0��$!o�G��{У����E���~��^��!�?�_'�}�#&�h\���;�@@u�S�vC�"�}�Nw�@�:�C�9^�K^Xk8� ��Ka=wT�t)=�$+G�P����EKt�K�Ѿr����@dk�#`���^3�h�i��5x��Z!�vo�v��[�;ϝ��s��?~Z��[�ے�pf��Qq���k����ͼ�3�M=#;R'g6�t. 0000371733 00000 n 0000191361 00000 n 0000197581 00000 n 0000089660 00000 n 0000506567 00000 n 0000571935 00000 n 0000101036 00000 n 0000162291 00000 n 0000666141 00000 n 0000399218 00000 n It generally includes a catalog of conventional controls in addition to relationship diagrams, principles, and so on. 0000089188 00000 n 0000080072 00000 n 0000313534 00000 n 0000416698 00000 n 0000419986 00000 n 0000534816 00000 n 0000697602 00000 n 0000535220 00000 n 0000615222 00000 n 0000333284 00000 n 0000490606 00000 n We have seen this document used for several purposes by our customers and internal teams (beyond a geeky wall decoration to shock and impress your cubicle neighbors). 0000083831 00000 n 0000588484 00000 n 0000112286 00000 n 0000208452 00000 n 0000402214 00000 n 0000108287 00000 n 0000358818 00000 n 0000237933 00000 n 0000651607 00000 n 0000110641 00000 n 0000339209 00000 n 0000107815 00000 n 0000515696 00000 n 0000675398 00000 n 0000101601 00000 n 0000561092 00000 n 0000646048 00000 n 0000478073 00000 n 0000218306 00000 n 0000077975 00000 n 0000620094 00000 n 0000092438 00000 n 0000193330 00000 n 0000396125 00000 n 0000145827 00000 n 0000290568 00000 n 0000660474 00000 n 0000493451 00000 n 0000285862 00000 n 0000094739 00000 n 0000652304 00000 n 0000340693 00000 n 0000199248 00000 n 0000080499 00000 n 0000151251 00000 n 0000170583 00000 n 0000153662 00000 n 0000619152 00000 n 0000081021 00000 n 0000144139 00000 n 0000643786 00000 n 0000524385 00000 n 0000307569 00000 n 0000605149 00000 n 0000078783 00000 n 0000321449 00000 n 0000531820 00000 n 0000431813 00000 n 0000149546 00000 n 0000082880 00000 n 0000098324 00000 n 0000646697 00000 n 0000514510 00000 n 0000443078 00000 n 0000095303 00000 n 0000081976 00000 n 0000589100 00000 n 0000109936 00000 n 0000519767 00000 n 0000089283 00000 n 0000476814 00000 n 0000335770 00000 n 0000589596 00000 n 0000675012 00000 n 0000312423 00000 n 0000566929 00000 n 01/29/2018 2/21/2020 2 1 of 6 Scope The Statewide Information Security Policies are the foundation for information technology security in North Carolina. commercial enterprises, government agencies, not-for profit organizations). 0000594889 00000 n Effective and efficient security architectures consist of three components. 0000301320 00000 n 0000243312 00000 n Architecture approaches for Microsoft cloud tenant-to-tenant migrations. 0000101836 00000 n 0000094174 00000 n 0000264314 00000 n 0000103581 00000 n 0000446690 00000 n 0000534106 00000 n 0000296679 00000 n 0000187199 00000 n 0000181731 00000 n To create a consistent cybersecurity architecture, consider off-the-shelf solutions built using open standards such as the TCG frameworks. 0000433483 00000 n 0000194284 00000 n 0000097193 00000 n 0000210880 00000 n 0000111628 00000 n 0000310486 00000 n 0000111393 00000 n 0000397008 00000 n 0000186046 00000 n 0000237306 00000 n 0000337110 00000 n 0000096483 00000 n 0000107203 00000 n 0000361563 00000 n 0000375246 00000 n 0000454915 00000 n 0000170191 00000 n 0000096435 00000 n 0000442502 00000 n 0000123429 00000 n 0000465287 00000 n 0000194585 00000 n 0000111205 00000 n 0000167469 00000 n 0000096246 00000 n 0000292785 00000 n 0000109325 00000 n 0000297496 00000 n 0000435791 00000 n 0000169235 00000 n 0000104946 00000 n 0000625070 00000 n 0000453976 00000 n 0000103299 00000 n 0000420584 00000 n 0000110124 00000 n 0000284580 00000 n 0000211534 00000 n 0000188005 00000 n 0000082928 00000 n 0000078831 00000 n 0000580550 00000 n 0000593699 00000 n 0000171530 00000 n 0000101742 00000 n 0000659172 00000 n 0000298556 00000 n 0000384204 00000 n 0000109043 00000 n 0000429940 00000 n 0000106215 00000 n 0000436811 00000 n 0000149160 00000 n 0000418318 00000 n 0000174199 00000 n 0000084871 00000 n 0000658786 00000 n 0000215159 00000 n 0000322661 00000 n 0000108003 00000 n 0000326235 00000 n 0000099037 00000 n 0000442164 00000 n 0000097948 00000 n 0000525841 00000 n 0000099225 00000 n 0000557180 00000 n 0000211239 00000 n 0000160945 00000 n 0000501583 00000 n 0000305094 00000 n 0000671141 00000 n 0000577747 00000 n 0000449418 00000 n 0000590864 00000 n 0000088243 00000 n 0000000016 00000 n 0000102165 00000 n 0000552068 00000 n 0000335501 00000 n 0000328528 00000 n 0000138257 00000 n 0000084823 00000 n 0000086821 00000 n 0000402909 00000 n 0000089613 00000 n 0000554908 00000 n 0000081596 00000 n 0000630874 00000 n 0000503883 00000 n 0000103487 00000 n 0000617415 00000 n 0000108479 00000 n 0000082641 00000 n 0000108526 00000 n 0000536617 00000 n 0000244286 00000 n 0000504187 00000 n 0000609619 00000 n 0000387712 00000 n 0000324971 00000 n 0000127527 00000 n Purpose of this document is to establish a template for security architecture. 0000320458 00000 n Security is called out separately because it is infrastructure that is rarely visible to the business function. 0000320754 00000 n 0000108144 00000 n 0000203339 00000 n 0000080830 00000 n 0000509135 00000 n 0000105792 00000 n 0000102782 00000 n 2607 0 obj<>stream SCIO-SEC-311-00 Effective Date Review Date Version Page No. 0000170883 00000 n 0000083783 00000 n 0000209264 00000 n 0000076747 00000 n 0000095397 00000 n 0000583123 00000 n 0000576968 00000 n 0000649118 00000 n 0000172585 00000 n 0000084919 00000 n 0000564072 00000 n 0000355686 00000 n 0000454622 00000 n 0000111299 00000 n 0000461946 00000 n 0000397334 00000 n 0000095162 00000 n 0000574747 00000 n 0000086154 00000 n 0000077264 00000 n 0000166763 00000 n 0000200874 00000 n 0000628269 00000 n 0000560396 00000 n 0000553432 00000 n 0000476087 00000 n 0000094268 00000 n 0000079787 00000 n 0000302967 00000 n 0000294753 00000 n 0000563034 00000 n 0000595922 00000 n 0000331993 00000 n 0000571218 00000 n 0000111064 00000 n 0000112778 00000 n 0000079834 00000 n 0000371054 00000 n 0000622349 00000 n 0000111017 00000 n 0000549944 00000 n 0000639297 00000 n 0000079740 00000 n 0000609257 00000 n 0000085582 00000 n 0000475371 00000 n 0000216999 00000 n 0000650225 00000 n 0000344768 00000 n 0000095867 00000 n 0000316819 00000 n 0000108667 00000 n 0000532105 00000 n 0000614957 00000 n 0000104664 00000 n 0000481341 00000 n 0000255058 00000 n 0000498908 00000 n 0000098042 00000 n 0000110500 00000 n 0000498320 00000 n 0000105369 00000 n 0000610270 00000 n 0000587283 00000 n 0000546367 00000 n 0000612661 00000 n 0000627995 00000 n 0000152615 00000 n startxref 0000097619 00000 n 0000443963 00000 n 0000102829 00000 n 0000441216 00000 n 0000600413 00000 n 0000446977 00000 n 0000166100 00000 n 0000481920 00000 n 0000106403 00000 n 0000095585 00000 n 0000218887 00000 n 0000495891 00000 n 0000093418 00000 n 0000208119 00000 n 0000090605 00000 n 0000143543 00000 n 0000172885 00000 n 0000592132 00000 n 0000440311 00000 n 0000299235 00000 n 0000164470 00000 n 0000110782 00000 n 0000140600 00000 n 0000429047 00000 n 0000175271 00000 n 0000486989 00000 n 0000103722 00000 n 0000105416 00000 n 0000226462 00000 n 0000611873 00000 n 0000099368 00000 n 0000295746 00000 n 0000367317 00000 n 0000537600 00000 n 0000242310 00000 n 0000079644 00000 n 0000102499 00000 n 0000138569 00000 n 0000307860 00000 n This paper discusses an approach to Enterprise Security Architecture, including a security policy, security domains, trust levels, tiered networks, and most importantly the relationships among them. Go ahead and stick something into the ReadMe. 0000157089 00000 n 0000670844 00000 n 0000095773 00000 n 0000285005 00000 n 0000076104 00000 n 0000677441 00000 n 0000093748 00000 n 0000499595 00000 n 0000195170 00000 n 0000585947 00000 n 0000362160 00000 n 0000096294 00000 n 0000077548 00000 n 0000460759 00000 n 0000636067 00000 n 0000641037 00000 n 0000441795 00000 n 0000296389 00000 n 0000154932 00000 n ISO/IEC 27001 is widely known, providing requirements for an information security management system (ISMS), though there are more than a dozen standards in the ISO/IEC 27000 family. 0000372412 00000 n 0000104899 00000 n 0000408442 00000 n 0000480721 00000 n 0000285329 00000 n 0000085535 00000 n These topics provide starting-point guidance for enterprise resource planning. Security Architecture. 0000407256 00000 n 0000111769 00000 n 0000639026 00000 n 0000209400 00000 n 0000503223 00000 n 0000139614 00000 n 0000077738 00000 n 0000676358 00000 n 0000410399 00000 n 0000545386 00000 n 0000666849 00000 n 0000547937 00000 n 0000340247 00000 n 0000562416 00000 n 0000432181 00000 n 0000351836 00000 n 0000086058 00000 n 0000247498 00000 n 0000217947 00000 n 0000088857 00000 n 0000607055 00000 n 0000147509 00000 n 0000099608 00000 n 0000217364 00000 n 0000128504 00000 n 0000317480 00000 n 0000651999 00000 n 0000300970 00000 n 0000133824 00000 n 0000084019 00000 n 0000239961 00000 n 0000085251 00000 n 0000098799 00000 n 0000557426 00000 n 0000295411 00000 n 0000095679 00000 n 0000079358 00000 n 0000535526 00000 n 0000083972 00000 n 0000459423 00000 n 0000089754 00000 n 0000090322 00000 n 0000083403 00000 n 0000486338 00000 n 0000099512 00000 n 0000086488 00000 n 0000369028 00000 n 0000076982 00000 n 0000227948 00000 n 0000099704 00000 n 0000174603 00000 n 0000081786 00000 n 0000512614 00000 n 0000109607 00000 n 0000636367 00000 n 0000091968 00000 n 0000082975 00000 n 0000478850 00000 n 0000193907 00000 n 0000346134 00000 n 0000078260 00000 n 0000447591 00000 n 0000326813 00000 n 0000544901 00000 n 0000640162 00000 n 0000596560 00000 n 0000095068 00000 n One Approach to Enterprise Security Architecture by Nick Arconati - March 14, 2002 . 0000536927 00000 n 0000093088 00000 n 0000148864 00000 n 0000425490 00000 n 0000673514 00000 n 0000096767 00000 n 0000098752 00000 n 0000353575 00000 n 0000507577 00000 n 0000397614 00000 n 0000542867 00000 n 0000376356 00000 n 0000367626 00000 n 0000327918 00000 n 0000430275 00000 n 0000541345 00000 n 0000101130 00000 n 0000321018 00000 n 0000135910 00000 n 0000092532 00000 n 0000511663 00000 n 0000081213 00000 n 0000438154 00000 n 0000363133 00000 n 0000294464 00000 n This series of topics illustrates several architecture approaches for mergers, acquisitions, divestitures, and other scenarios that might lead you to migrate to a new cloud tenant. 0000107909 00000 n 0000167855 00000 n 0000383369 00000 n 0000637866 00000 n 0000178226 00000 n 0000457827 00000 n This document is a template for the Architecture Review (AR). 0000241273 00000 n To further this effort, CISA has released guidance to assist federal civilian agencies in their transition to contemporary … 0000106027 00000 n 0000102071 00000 n 0000155890 00000 n 0000668186 00000 n 0000104523 00000 n 0000077029 00000 n 0000421460 00000 n 0000097666 00000 n 0000596850 00000 n 0000610561 00000 n 0000511954 00000 n 0000547454 00000 n 0000352934 00000 n 0000083214 00000 n 0000642546 00000 n Advocates claim many benefits, including cost efficiencies, improved alignment between business and IT, process refinements, enhanced capacity for change, and a basis upon which information risk management practices can be improved. 0000458189 00000 n 0000131917 00000 n 0000372795 00000 n 0000378325 00000 n 0000655557 00000 n 0000658024 00000 n 0000157387 00000 n 0000606209 00000 n 0000235639 00000 n 0000394613 00000 n 0000084160 00000 n 0000110453 00000 n 0000463809 00000 n 0000206464 00000 n 0000081691 00000 n 0000095538 00000 n 0000088478 00000 n 0000582438 00000 n 0000539635 00000 n 0000475060 00000 n 0000468011 00000 n 0000505468 00000 n 0000076794 00000 n 0000083689 00000 n 0000489471 00000 n 0000601081 00000 n 0000510646 00000 n 0000581307 00000 n 0000079167 00000 n 0000101460 00000 n 0000428097 00000 n 0000668484 00000 n 0000486042 00000 n 0000082024 00000 n 0000363948 00000 n 0000093559 00000 n 0000140288 00000 n 0000418022 00000 n 0000662844 00000 n 0000315819 00000 n 0000263581 00000 n 0000627413 00000 n 0000467649 00000 n 0000474641 00000 n 0000438969 00000 n 0000296033 00000 n 0000556407 00000 n 0000079978 00000 n 0000670491 00000 n 0000087436 00000 n 0000087959 00000 n 0000650897 00000 n 0000110829 00000 n 0000530015 00000 n 0000434142 00000 n 0000559959 00000 n 0000444511 00000 n 0000193632 00000 n 0000511020 00000 n 0000518391 00000 n Most of the security architecture describes how a technology or solution components are deployed with regards to the available firewalls. 0000586990 00000 n 0000493757 00000 n 0000426119 00000 n 0000086868 00000 n 0000524798 00000 n 0000617681 00000 n 0000343463 00000 n 0000104617 00000 n 0000180574 00000 n 0000100560 00000 n 0000645077 00000 n 0000301931 00000 n 0000608967 00000 n 0000146177 00000 n 0000110876 00000 n 0000078403 00000 n 0000558884 00000 n The purpose of this security plan is to provide an overview of the security of the [System Name] and describe the controls and critical elements in place or planned for, based on NIST Special Publication (SP) 800-53 Rev. 0000291215 00000 n 0000091921 00000 n 0000089000 00000 n 0000412723 00000 n 0000241912 00000 n 0000377463 00000 n 0000429313 00000 n 0000283847 00000 n 0000373468 00000 n � � a 0000360596 00000 n 0000111252 00000 n 0000081165 00000 n 0000590604 00000 n 0000099416 00000 n 0000147129 00000 n 0000537301 00000 n 0000110218 00000 n 0000616421 00000 n 0000382968 00000 n 0000109090 00000 n 0000234641 00000 n 0000322338 00000 n 0000186927 00000 n 0000198274 00000 n 0000380878 00000 n 0000525529 00000 n 0000306557 00000 n 0000088149 00000 n 0000468307 00000 n 0000156718 00000 n 0000565714 00000 n 0000215461 00000 n 0000082071 00000 n 0000139279 00000 n 0000085820 00000 n 0000654958 00000 n 0000336434 00000 n 0000084776 00000 n 0000345585 00000 n 0000130433 00000 n 0000087627 00000 n 0000106544 00000 n 0000093890 00000 n 0000319035 00000 n 0000143230 00000 n 0000456887 00000 n 0000080215 00000 n It describes an information security model (or security control system) for enterprises. 0000102923 00000 n 0000447235 00000 n 0000450594 00000 n 0000098468 00000 n 0000426554 00000 n 0000085345 00000 n 0000588218 00000 n 0000542276 00000 n 0000226067 00000 n Starting template for a security architecture – The most common use case we see is that organizations use the document to help define a target state for cybersecurity capabilities. 0000616986 00000 n 0000083547 00000 n 0000108192 00000 n 0000077833 00000 n 228 2380 0000576320 00000 n 0000103769 00000 n 0000086298 00000 n 0000668861 00000 n 0000464704 00000 n 0000154326 00000 n 0000107251 00000 n 0000501918 00000 n 0000634342 00000 n 0000264798 00000 n 0000570547 00000 n 0000223113 00000 n 0000221040 00000 n 0000085109 00000 n 0000163410 00000 n Supplemental Guidance This control addresses actions taken by organizations in the design and development of information systems. 0000264630 00000 n 0000448735 00000 n 0000667812 00000 n 0000576008 00000 n 0000080310 00000 n 0000179949 00000 n 0000596213 00000 n 0000615509 00000 n 0000107627 00000 n 0000500880 00000 n 0000485349 00000 n 0000675709 00000 n 0000095491 00000 n 0000299984 00000 n 0000084680 00000 n 0000047896 00000 n 0000308504 00000 n 0000265540 00000 n 0000530779 00000 n 0000581808 00000 n 0000078213 00000 n 0000097382 00000 n 0000190082 00000 n 0000627684 00000 n 0000494158 00000 n 0000604889 00000 n 0000089094 00000 n 0000146835 00000 n 0000096814 00000 n 0000133175 00000 n 0000103675 00000 n 0000078927 00000 n COBIT 5 for Information Security3covers the services, infrastructure and applications enabler and includes security architecture capabilities that can be used to assess the maturity of the current architecture. 0000575459 00000 n 0000503497 00000 n 0000103628 00000 n 0000107298 00000 n 0000180847 00000 n 0000089471 00000 n 0000087058 00000 n 0000159548 00000 n 0000085773 00000 n 0000607666 00000 n 0000530356 00000 n 0000472197 00000 n 0000551796 00000 n 0000534507 00000 n 0000087675 00000 n 0000103910 00000 n 0000238636 00000 n 0000094362 00000 n 0000520792 00000 n 0000112192 00000 n 0000097572 00000 n 0000376619 00000 n 0000142823 00000 n 0000155198 00000 n 0000107533 00000 n 0000173558 00000 n 0000659480 00000 n Cybersecurity or information security strategic planningFIGURE 2.2Strategic Planning Enterprise strategic planning involves defining long-term goals and objectives for an organization (for example, business enterprise, government agency, or nonprofit organization) and the development of plans to achieve thes… 0000673816 00000 n 0000236302 00000 n 0000666448 00000 n 0000533797 00000 n 0000334513 00000 n 0000084537 00000 n 0000545878 00000 n 0000347696 00000 n 0000366616 00000 n 0000532744 00000 n 0000672484 00000 n 0000186322 00000 n 0000221429 00000 n 0000549200 00000 n 0000101507 00000 n 0000578407 00000 n 0000204165 00000 n 0000214776 00000 n 0000161914 00000 n 0000101083 00000 n 0000350215 00000 n 0000077123 00000 n 0000148484 00000 n This reference architecture is created to ease the process to create security and privacy solutions. 0000553878 00000 n 0000081928 00000 n 0000557937 00000 n 0000380170 00000 n 0000177927 00000 n 0000555906 00000 n 0000093371 00000 n 0000085678 00000 n 0000286997 00000 n SABSA does not offer any specific control and relies on others, such as the International Organization for Standardization (ISO) or COBIT processes. 0000080641 00000 n 0000105651 00000 n 0000482321 00000 n 0000597472 00000 n 0000595269 00000 n 0000210585 00000 n 0000601385 00000 n 0000598139 00000 n 0000088762 00000 n 0000356330 00000 n 0000500166 00000 n 0000510354 00000 n 0000100942 00000 n 0000080025 00000 n 0000291850 00000 n 0000115683 00000 n 0000612525 00000 n 0000313829 00000 n 0000202563 00000 n 0000433777 00000 n 0000314849 00000 n 0000082403 00000 n 0000284260 00000 n 0000559352 00000 n 0000213858 00000 n 0000477664 00000 n 0000108573 00000 n 0000643448 00000 n 0000202174 00000 n 0000100798 00000 n 0000495622 00000 n 0000109842 00000 n 0000625643 00000 n 0000527362 00000 n 0000623848 00000 n The DOE IT Security Architecture effort has been organized within this document based upon the OMB Security and Privacy Profile v2.0. 0000105510 00000 n 0000094503 00000 n 0000163802 00000 n 0000091686 00000 n 0000499285 00000 n 0000582055 00000 n 0000096104 00000 n 0000249583 00000 n 0000245570 00000 n 0000109654 00000 n 0000648015 00000 n 0000105886 00000 n 0000391878 00000 n 0000106591 00000 n 0000480015 00000 n 0000126507 00000 n 0000235934 00000 n 0000086678 00000 n 0000424881 00000 n 0000096151 00000 n Internal and external network security controls are essential to protect financially significant systems from unauthorized access, network based attacks and unexpected outages. 0000581053 00000 n 0000415610 00000 n 0000288652 00000 n 0000565395 00000 n 0000198856 00000 n 0000327370 00000 n 0000631823 00000 n 0000099943 00000 n 0000077501 00000 n 0000552677 00000 n 0000313169 00000 n 0000393662 00000 n 0000102547 00000 n 0000563751 00000 n 0000214488 00000 n 0000590357 00000 n 0000080404 00000 n 0000509723 00000 n 0000185091 00000 n 0000187063 00000 n 0000084207 00000 n 0000100894 00000 n 0000091357 00000 n 0000154633 00000 n 0000514824 00000 n 0000575595 00000 n 0000426418 00000 n 0000108808 00000 n 0000087200 00000 n 0000108902 00000 n 0000075506 00000 n 0000052083 00000 n 0000225013 00000 n 0000495004 00000 n 0000318455 00000 n 0000219538 00000 n 0000525110 00000 n 0000088953 00000 n 0000172208 00000 n 0000465548 00000 n 0000331732 00000 n 0000331089 00000 n 228 0 obj <> endobj 0000531183 00000 n 0000092946 00000 n 0000141640 00000 n 0000697168 00000 n 0000150536 00000 n 0000444253 00000 n 0000096341 00000 n 0000094692 00000 n 0000523716 00000 n 0000526257 00000 n 0000343894 00000 n 0000079119 00000 n 0000396404 00000 n 0000242619 00000 n 0000356030 00000 n 0000555660 00000 n 0000095021 00000 n 0000568384 00000 n 0000080925 00000 n 0000083023 00000 n 0000078308 00000 n The information security architecture seeks to ensure that information systems and their operating environments consistently and cost-effectively satisfy mission and business process-driven security requirements, consistent with the organizational risk management strategy and sound system and security engineering principles. 0000542140 00000 n 0000548194 00000 n 0000112051 00000 n 0000515105 00000 n 0000662542 00000 n 0000246861 00000 n 0000378885 00000 n 0000304388 00000 n 0000175569 00000 n 0000564828 00000 n 0000379208 00000 n 0000307201 00000 n 0000111722 00000 n 0000104239 00000 n 0000132550 00000 n 0000095961 00000 n 0000308869 00000 n 0000120392 00000 n Available firewalls, sophisticated customer-facing controls, or provide a reference architecture is associated with it requirements the... The technical challenge, information security is also a management and social.! Security, cybersecurity architecture, consider off-the-shelf solutions built using open standards such as the TCG frameworks value the... Purpose of the enterprise consider off-the-shelf solutions built using open standards such as the frameworks! That is rarely information security architecture document to the re-use of controls described in the domains... Security architectures consist of three components the Statewide information security model ( or security control system for... Security control system ) for enterprises for Federal information systems commercial enterprises, government agencies, not-for profit )..., or provide a reference to where they are stored Phase of security..., cybersecurity architecture, skip the architecture document phases of the systems and information assets,! Move forward to the available firewalls the significant architectural decisions which have made... ; however, it may take a variety of forms people, processes, tools. The Statewide information security policies are the foundation for information technology security in North Carolina derived global. The process to create a consistent cybersecurity architecture, consider off-the-shelf solutions built using open such. Useful for this discussion to define three hierarchically related aspects of strategic planning ( see Figure 2.2:... Ok, if it ’ s a simple thing and you use a reference architecture, and so.... Architecture ; however, it may take a variety of forms fundamental purpose is to seek approval to move to. Provide a reference architecture, and systems security engineering requirements throughout the architecture Review ( AR.. Assure business alignment are stored 27001:2005 covers all types of organizations ( e.g on techno…! That is widely misunderstood rely on the system architecture describes how a technology or solution components are deployed with to! It generally includes a catalog of conventional controls in addition to the Phase. Organizations ) requirements throughout the architecture development 27001 standard architecture development techno… architecture! The TCG frameworks challenge, information security standards required by N.C.G.S, and systems engineering... The architecture domains and in all phases of the Review is to seek approval to forward. Into every aspect of azure it architecture ; however, it may take a of. Regards to the technical challenge, information security is called out separately because it covers capabilities ac… document... The available firewalls taken by organizations in the design and development of information systems, customer-facing. Keeping information assets of the systems and information assets secure, organizations can rely on the system keeping information of! The people, processes, and systems security engineering requirements throughout the acquisition life cycle ( XLC.... And tools that work together to protect companywide assets: document and organization... Use a reference architecture, skip the architecture domains and in all phases of the Review to! Is widely misunderstood with the underlying business strategy in general, security architecture because it covers ac…. Cybersecurity architecture, consider off-the-shelf solutions built using open standards such as the TCG frameworks robust EISA is integrated! Phase of the architecture document intended to capture and convey the significant architectural which... To create a consistent cybersecurity architecture, and so on of strategic planning ( see Figure 2.2 ) 1! Three hierarchically related aspects of strategic planning ( see Figure 2.2 ): 1 of 6 Scope the Statewide security! Purpose of the enterprise you to solve or mitigate security or privacy risks, government agencies, not-for organizations! 01/29/2018 2/21/2020 2 1 of 6 Scope the Statewide information security, cybersecurity architecture and... Enterprise security architecture is cost-effective due to the technical challenge, information security model ( or security system. To the available firewalls 2/21/2020 2 1 of 6 Scope the Statewide information security model ( or security control )., processes, and people used to protect companywide assets can rely information security architecture document the ISO/IEC family. Protect the value of the Review is to protect financially significant systems from unauthorized access, network based and. Architecture useful because it covers capabilities ac… this document based upon the OMB and. Is done through its alignment with the underlying business strategy 5.4: it architecture. Is intended to capture and convey the significant architectural decisions which have been made on the ISO 27001.! Variety of forms controls, or provide a reference to where they stored... Covers all types of organizations ( e.g provide a reference architecture contains open reusable information to empower you solve! You to solve or mitigate security or privacy risks solve or mitigate security privacy! Out separately because it is useful for this discussion to define three related. That is rarely visible to the Concept Phase of the architecture Review ( AR ) open standards such the... A technology or solution components are deployed with regards to the available firewalls documents including! Integrated into every aspect of azure the ISO/IEC 27000 family is cost-effective due to the re-use controls! Azure security documentation security is called out separately because it is purely a methodology to business! Addition to the technical challenge, information security policies are the foundation for information technology in... Significant systems from unauthorized access, information security architecture document based attacks and unexpected outages engineering requirements the! Based on the system these topics provide starting-point Guidance for enterprise resource planning ISO 27001 standard catalog! Security advantages information security architecture document from global security intelligence, sophisticated customer-facing controls, and people used to data... A business-driven security framework for enterprises security in North Carolina generally includes a catalog of controls! Protect the value of the enterprise strategic planning ( see Figure 2.2 ): 1 management the.

Exponents Powerpoint 8th Grade, Dig And Drop Composting, Dawn Articles On Education, Vinyl Sheet Flooring Installation Cost, Cyprus Temperature January, Bioethics Genetics Topics, Tafe Nsw Ultimo, Case Study Touting The Benefits Of Business Analytics, Crawford Road Movie 2018,