SABSA EXAM
what - answer assets
why - answer risk and motivation factors
how - answer process factors
who - answer people factors
where - answer location factors
when - answer temporal factors
business view - answer contextual
architects view - answer conceptual
designers view - answer logical arch
builders view - answer physical arch
trademans view - answercomponent arch
managers view - answermanagement arch
buisness driven requirements & strategy - answercontextual en conceptual
contextual - answerassets, opps and htreats, business value chaine, org stcture,
invetnory of vuildings, time dependencies of business goals
conceptual - answerbusiness attributes, tax and profile, risk management strategy
objectives, strategys for process assurance, risk and governance trust framework,
domain framework, the time management framework
logical - answerinventory of information assets, risk management policies, process
maps and services, trust rlationships, domain maps, calendar & timetable
physial - answerdata assets, risk management practices, process machansms, human
interface, nfra, process sched
components- trademan - answercomponent assets (tools), risk management
components and standrds, human entitites: compomnts and standards (job descrip.),
, locator components & standrds: nodes, addressses, step timing and sequecng
tools( tme sched)
Managerviews - answerdeliery and continuity management, opp risk management ,
process delivery manage,et governance, relationship and personnel manageent,
environment maangmenet, time & performance managmeent
sabsa matrix - answerartefacts/deliverables
maangement matrix, - answeractions
isnpectors - answerarch compoolete, rubust ffp, consistent
completemenss - answerevery business req for sec is met and the residual risk is
acceptable to the business apptetite
justifcation - answerevery oopration or technological sec element can be justified by ref
to a risk prioritised business req
Logical layer- dsigner - answerPolicies: Domain policies, Service Oriented arch, trust
models
Physical arch - answerProcedures: Risk Management Rules & Procuedures,
Component arch: - answerstandards
information asset value - answeraccuracy & completeness, timeliness and availability &
relevance
Information assets - answervirtual, logical, not stored in specific location. Context has
meaning trhough org and presentation
Data assets - answerstored in a specific location, no context untl org, arranged and
developed)
Logical arch - answerconcerned with information security systems and functionality. not
tied to specifc location
physcal arch - answerconcrned with data securty and infra security. tied to specific
physical domain and location. physical layer is securing the data by deploying security
mechanisms. Securing the data over the interfaces.
Stategy & planning(sabsa) - answerservice strategy (itil)
design (sabsa) - answerservice desing(itil)
what - answer assets
why - answer risk and motivation factors
how - answer process factors
who - answer people factors
where - answer location factors
when - answer temporal factors
business view - answer contextual
architects view - answer conceptual
designers view - answer logical arch
builders view - answer physical arch
trademans view - answercomponent arch
managers view - answermanagement arch
buisness driven requirements & strategy - answercontextual en conceptual
contextual - answerassets, opps and htreats, business value chaine, org stcture,
invetnory of vuildings, time dependencies of business goals
conceptual - answerbusiness attributes, tax and profile, risk management strategy
objectives, strategys for process assurance, risk and governance trust framework,
domain framework, the time management framework
logical - answerinventory of information assets, risk management policies, process
maps and services, trust rlationships, domain maps, calendar & timetable
physial - answerdata assets, risk management practices, process machansms, human
interface, nfra, process sched
components- trademan - answercomponent assets (tools), risk management
components and standrds, human entitites: compomnts and standards (job descrip.),
, locator components & standrds: nodes, addressses, step timing and sequecng
tools( tme sched)
Managerviews - answerdeliery and continuity management, opp risk management ,
process delivery manage,et governance, relationship and personnel manageent,
environment maangmenet, time & performance managmeent
sabsa matrix - answerartefacts/deliverables
maangement matrix, - answeractions
isnpectors - answerarch compoolete, rubust ffp, consistent
completemenss - answerevery business req for sec is met and the residual risk is
acceptable to the business apptetite
justifcation - answerevery oopration or technological sec element can be justified by ref
to a risk prioritised business req
Logical layer- dsigner - answerPolicies: Domain policies, Service Oriented arch, trust
models
Physical arch - answerProcedures: Risk Management Rules & Procuedures,
Component arch: - answerstandards
information asset value - answeraccuracy & completeness, timeliness and availability &
relevance
Information assets - answervirtual, logical, not stored in specific location. Context has
meaning trhough org and presentation
Data assets - answerstored in a specific location, no context untl org, arranged and
developed)
Logical arch - answerconcerned with information security systems and functionality. not
tied to specifc location
physcal arch - answerconcrned with data securty and infra security. tied to specific
physical domain and location. physical layer is securing the data by deploying security
mechanisms. Securing the data over the interfaces.
Stategy & planning(sabsa) - answerservice strategy (itil)
design (sabsa) - answerservice desing(itil)
