Information Technology Reference
In-Depth Information
The details of the frameworks are but a shadow of the depths to which each
may extend. These frameworks play a role in organizational governance, manage-
ment, and operations, including security governance, security management, and
security operations. The IA
2
Framework is unique from the above frameworks, yet
may include all of the above in various stages of the IA
2
Process. Each one of the
frameworks is another tool for the IA practitioner, the business manager, and the
IA architect. Choose the right tool for the right job. Modify the tool for the job at
hand; scale it down or extend it according to your need.
12.17
iA
2
Framework Context
The complementary use of the frameworks in this chapter and the IA
2
Frame-
work provides you with a set of tools to identify, enumerate, articulate, and address
business risk in an enterprise context. Any particular element of the ELCM, ECF,
ROI, and SATE will have details that pertain to each IA
2
view. Each IA
2
view for
any particular element may have details of one or more IA core principles. The
details may be quite complex and quite voluminous. The point of IA
2
is to provide
tools, templates, and guidance to manage that complexity and focus on the relevant
aspects within the volume of details. Appendix B
contains a series of tables to cap-
ture IA details in terms of motivations behind IA, IA options, IA planning, and
details of IA development, operations, maintenance, and performance.
