Enterprise Security Architecture: A Business-Driven Approach 1st Edition

4.5 out of 5 stars 11 customer reviews
ISBN-13: 978-1578203185
ISBN-10: 157820318X

Editorial Reviews

About the Author

John Sherwood, active in operational risk management for more than a decade and as an information systems professional for more than 30 years, is the Chief Architect of the SABSA® model. He is also a visiting lecturer and external examiner at Ro

Product Details

  • Hardcover: 608 pages
  • Publisher: CRC Press; 1 edition (November 12, 2005)
  • Language: English
  • ISBN-10: 157820318X
  • ISBN-13: 978-1578203185
  • Product Dimensions: 1.8 x 8.2 x 10.2 inches
  • Shipping Weight: 3.6 pounds
  • Average Customer Review: 4.5 out of 5 stars (11 customer reviews)
  • Amazon Best Sellers Rank: #102,556 in Books

Customer Reviews

Top Customer Reviews

Format: Hardcover Verified Purchase
First off, I have read this book cover to cover. I have been practicing information security architecture and implementation for 10 years. I really liked the in-depth coverage of information security in general. The mapping of the Zachman Framework cells to the so-called SABSA framework is also impressive, but is simple enough to not warrant a whole chapter to be honest. But what is evident to me might not be so to the novice so I take nothing away from the author here.

However, I am very disappointed with this book from an application of methods standpoint. I was expecting so much more.
At the very least I expected some 'real-world' scenarios to be covered in some detail so the practitioner can use material, techniques presented in the book on the job. In several places, this book comes close to revealing the application of methodology being propounded under the trade name of SABSA but then fails to do so. Time and again, I turned over to the next page in anticipation but was left disappointed and exasperated! The author simply refers the reader to contact him for further details- well that's the point of reading the book isn't it? I bought this book for the details but left with an imitation of the Zachman Framework, which by the way is still more directly applicable to information security than SABSA in my most humble opinion. If I am wrong in having said that, it is because I did not learn how or why based on my reading of this book.

I still give it 4 because I like to round up from 3.5- there is too much good information here for the novice for me to rate it 3.
12 of 12 people found this helpful.
Format: Hardcover
This is a particularly interesting book in that it proposes an approach to developing security architectures that are aligned with Business Needs. Most of the other literature that I have seen in this field seems to throw itself into technical detail and try to be a "cookbook" for techies.

The book is in two distinct parts - the first outlines the philosophy and approach of SABSA (Sherwood Applied Security Architecture) and the second draws on the authors' considerable experience in using SABSA in real-life scenarios, giving a set of "standard" services and mechanisms that should be considered when building an Enterprise Security Architecture.

If you are looking just to do techie "black box" security engineering with routers and servers then this book is not really for you. This is a book for those with a responsibility for enterprises where security can be seen as enabling the business rather than fighting it.

Like others with whom I have spoken, I liked the "quick notes" in the left hand column of every page that let you speed read each chapter. They made it really easy to get a good insight into the subject quickly and focus on the areas that I really wanted to know more about.

One hidden gem in this book is the approach to Measuring Return on investment in security - it opened my eyes to using security as a business enabler.
22 of 27 people found this helpful.
Format: Hardcover
It is amazing how different books can be. I read dozens of information security management related books, but this one is the only one I can use in my everyday job. If you are a consultant or professional CISO, this book offers tips on how to do things right and how to be efficient. It is the information security management bible. Buy the hardcover version because you will use it every day.
7 of 8 people found this helpful.
Format: Hardcover
This book (and the Sherwood/Clark/Lynas philosophy) was developed in parallel to the Zachman Framework (unbeknownst to either group). If you are familiar with Zachman, you will note several consistencies here. Though some may claim this is only a conceptual read, there are many opportunities to take pieces of the book and apply them in daily architecture. For example, on page 88, it gives several examples of "Business Attributes" in identifying types of business drivers ranging from user, management, operational, risk management, legal/regulatory, technical strategies and business strategies attributes. Thinking these through (and identifying which key ones are important) early in the stages of security architecture helps direct the design in the right way. Also, the book provides several real world examples to help illustrate the "whys".

I had the opportunity to attend training given by David Lynas on Enterprise Security Architecture. I would also recommend attending, as David walks through several exercises in how to apply this methodology.

In the end, if you are responsible for any security architecture, using the principles/concepts/methodologies in this book will assist in making more conscious, sound security decisions.
5 of 6 people found this helpful.
Format: Hardcover Verified Purchase
Loved it. Both the totality of the deliverables and process but the best part is that these Brits can write exceptionally well. Less than ten grammatical errors in a 600-page book. And that may be from my US English POV. This book is for the Don Quixote who needs to collect and organize the security pieces, catalog them, refine them and take on a windmill. I hope you like going big because that's why you better have Bill Clinton's charisma, you're going to need it. Hercules cleaned the stables. Good Luck!!
Format: Hardcover Verified Purchase
The definitive guide to SABSA. If you are looking for a practical and actionable security architecture then look no further. More attainable than ITIL, SABSA provides the framework for solving security practitioners' vision, governance, policy and procedure concerns. It is a heavy but worthwhile read. For the aspiring CISM or CGEIT I'd say this should absolutely be on your bookshelf.