ABSTRACT
The security architecture group provides both the road map
for risk management and the security controls utilized by
an organization. Its function is important in providing risk
management for the institution and for coordinating the
controls that reduce that risk. The security architecture is
created from data incorporated from other security functions.
These sources include functional security policy,
metrics of past incidents, and evaluations of new threats
that could be detected from the security operations function
or the risk assessment function. Security policy input
indicates the amount of risk the business is willing
to accept, and this information is used to define the security
standards used throughout the entity for specific technologies.
The policy assists in defining the functions and
requirements of the architecture. An example of
this would be the security policy requiring that certain data
be encrypted. The security architecture would need to
define the way that requirement would be accomplished
in the various areas of the enterprise. Additionally, the
security architecture needs to address past incidents that
have caused damage to the company. These incidents
indicate areas that may require improved or revised security
controls. New threats may require alterations in the
security architecture and additional controls. The security
architecture must also integrate with the existing technology
infrastructure and provide guidance in establishing the
proper risk controls necessary for the enterprise to perform
its business securely, both in the present and in the future
(Fig. 1).