This White Paper proposes a new framework for ensuring enterprise-level information security that reflects current realities of enterprise, network, and information sharing and access. In the “old” paradigm – one based on concepts of securing ownership of proprietary information – information securi ... (read more)

 

This white paper explores the advantages of this business-focused approach for creating security architecture. It discusses the pitfalls of a technology-centric approach, and recognises the challenges of integrating the business leadership team with the technology strategists in order to fulfil the ... (read more)

 

Numerous architecture framework standards have been developed and matured over the past decade and the focus of these frameworks is diverse. Many engineers believe there is an “either or” decision to be made regarding the frameworks, but this is not always the case. Some of these standards address c ... (read more)

 

This document is the Technical Standard for Risk Taxonomy. It has been developed and approved by The Open Group. This document provides a standard definition and taxonomy for information security risk, as well as information regarding how to use the taxonomy. The intended audience for this docum ... (read more)

 

Alignment between business and IT within an organization is a fundamental challenge facing all organizations today. This White Paper addresses the topic of why Enterprise Architecture matters to business today. Topics addressed in this White Paper include: • An introduction to Business Operation ... (read more)

 

Over time, the information security/risk management profession has developed a variety of methods for assessing risk within an organization. These methods often reflect the conditions and objectives of the organization being assessed (as understood by the assessor), the prevailing practices within t ... (read more)

 

An abundance of specifications and standards have emerged from the open standards organizations of OASIS, OMG, and The Open Group on the subject of Service Oriented Architecture (SOA). This joint document from OASIS, OMG, and The Open Group was written to help the SOA community at large to navigate ... (read more)

 

The Open Group Security Forum decided to develop design patterns for information security design because its members saw that a new, more flexible approach to security architecture is needed. There is a long history of The Open Group creating security specifications, providing structural guideli ... (read more)

 

Enterprise Architecture (EA) is the relatively new emphasis on a 20 year old concept that has been re-introduced or emphasized in the early 2000's to help organizations think of their businesses as an interconnected system of systems. If you just visualize the Lego blocks for your business, the EA i ... (read more)

 

How can we ensure that each service contributes appropriately to the viability of the whole enterprise? Tom Graves introduces the Viable Services Model and describes how we can use it for business transformation, enterprise architecture and ITIL implementation efforts. (read more)