SABSA Institute Community Forum

Just about to sign up for the SABSA foundation certificate. So far I think the framework is great and the roadmap is very practical.

However, I find that there are very little discussion of SABSA with regards to CISSP, CISA and how it compliments these?

Any feedback from those who have already started the journey will be great too.

Also, is there a way to know how many "master" and "practitioner" are there? The ISC2 have a site that list all CISSPs, do we have something like that?

Kind Regards,
Joshua

Hi,

First 5 mins here.
Just a quick observation about the website design... eh it is a little yesterday

Is it not possible to go to some nice Joomla or Drupal or even WordPress site? They provides more customisation and is easily implemented. It also provides ability to grow it. And apart from implementation time, they are close to free.

Just my 2cents.

Kind Regards,
Joshua

Can we grow the FAQ please? I gave a shot below for a question I received. However, if you have remarks/suggestions on the following question/answer, please share:

Q:I already use TOGAF, COBIT, ISO27002, why do I need SABSA?
A:SABSA is not a replacement for other methods or standards. SABSA is an architecture that allows any method or standard to cover their area, no need to do things twice. However SABSA ensures that everything around information risk is covered and in line with the business goals. If any conflict comes up, then that proves that there is a discrepancy with a business goal.

SABSA also provides a well documented link between business goal and investments doen and vice versa, a crucial capability to run the business and compliance.

Hi Everyone,

I am new to SABSA and would urgently need some information on how SABSA can be integrated with a J2EE based BPM application.

The J2EE based application possess connector and services to communicate in the following manner
a) Connecting or exposing SOAP (web services)
b) External Database
c) Java API / Servlets
d) MQ message
e) Any other file based contents

Does SABSA support any of the above mentioned integration methods?

Would be really helpful, if anyone can provide or point me to any information on
1) what technology is used by the SABSA framework?
2) what is the development platform for SABSA? IS the development platform available for download, in case we try to do some Proof of Concept using SABSA?

Thanks,
Sanjoy

Hi everyone,

I am at a loss as to how the enterprise security architecture report should be structured.
How do I present findings and recommendations professionally, the layout, what sections should be created or is there a template that can be of assistance?
Thank you.

I'm interested in finding out if anyone is working on the "Smart Grid", particularly in the area of cyber security. Has anyone used the SABSA methodology is this particular area?

Neil