Risk-Driven Enterprise Information Security Architecture

B.

Out of the four options, the method that would be most appropriate for developing a risk-driven enterprise information security architecture and delivering security infrastructure solutions that support critical business initiatives is the Sherwood Applied Business Security Architecture (SABSA).

SABSA is a framework that provides a holistic approach to security architecture, integrating business requirements and risk management into the process. It is a risk-driven approach to security architecture that focuses on addressing business goals and objectives, as well as identifying and mitigating security risks.

The SABSA framework consists of six layers: the business layer, the information layer, the application layer, the technology layer, the physical layer, and the people layer. Each layer represents a different aspect of the enterprise's security architecture and how it supports the business.

SABSA also provides a methodology for designing and implementing security solutions that align with business goals and objectives. The methodology includes six stages: strategy, planning, design, implementation, testing, and management. Each stage is designed to address specific aspects of the security architecture and ensure that security solutions are aligned with the enterprise's goals and objectives.

In summary, SABSA is a comprehensive framework for developing a risk-driven enterprise information security architecture and delivering security infrastructure solutions that support critical business initiatives. It provides a holistic approach that integrates business requirements and risk management into the security architecture process, ensuring that security solutions are aligned with business goals and objectives.