Enterprise Architecture

Cloud security architecture helps cloud providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations and practices. The CSA Enterprise Architecture creates a common roadmap to meet the cloud security needs of your business. It is both a methodology and a set of tools that enable security architects, enterprise architects and risk management professionals to fulfill a set of common requirements that risk managers must use to assess the operational status of internal IT security and cloud provider controls.

The CSA cloud computing architecture is guided by business requirements. In the case of the CSA Enterprise Architecture, these requirements come from the Cloud Controls Matrix (CCM), guided by regulations such as Sarbanes-Oxley, standards frameworks such as ISO-27002, the Payment Card Industry Data Security Standards, and IT audit frameworks such as COBIT, all in the context of cloud delivery models such as SaaS, PaaS and IaaS. The working group has developed an interactive website to learn about and explore the cloud reference architecture.

The CSA Enterprise Architecture was used as the basis for the NIST security reference architecture (SP500-299, SP500-292).

This group works closely with the CCM working group to map the architecture domains that help enterprises identify the critical components that are key to their cloud security architecture. These domains, when mapped to an adjacent CCM control domain, create a larger picture for easily implementing strategies.

Next Meeting

Apr 30, 2021, 12:00PM PDT

Working Group Leadership

Jon-Michael Brook

Michael Roza

Cloud Security Research for Enterprise Architecture

CSA Research crowd-sources the knowledge and expertise of security experts and helps address the challenges and needs they’ve experienced, or seen others experience, within the cybersecurity field. Each publication is vendor-neutral and follows the peer review process outlined in the CSA Research Lifecycle. We recommend getting started by reading the following documents.

Enterprise Architecture Reference Architecture Quick Guide

This quick guide provides an overview of what the Enterprise Architecture is, the challenges it helps solve and how to use it. The Enterprise Architecture itself is a comprehensive approach for the architecture of a secure, identity-aware cloud infrastructure which leverages four industry-standard architecture models: TOGAF, ITIL, SABSA, and Jericho. This quick guide covers the following domains: security and risk management, information technology operation and support, and business operation support services. It also covers presentation, application, information and infrastructure services. The Enterprise Architecture can be used in multiple enterprise security design phases, from assessing opportunities for improvement and creating road maps for technology adoption, to defining reusable security patterns and assessing various cloud providers and security technology vendors against a common set of capabilities. We recommend reading this quick guide before ...

Enterprise Architecture v2.0

The Enterprise Architecture is both a methodology and a set of tools that enable security architects, enterprise architects and risk management professionals to leverage a common set of solutions that fulfill their common needs to be able to assess where their internal IT and their cloud providers are in terms of security capabilities and to plan a roadmap to meet the security needs of their business.

Enterprise Architecture to CCM Shared Responsibility Model

The EA-CCM Shared Responsibility Model is a companion piece to the EA-CCM Mapping. It maps CCM controls per the Shared Responsibility Model according to the following service levels: IaaS, PaaS, SaaS. It is intended to give the reader an overview of cloud responsibility for each specific control domain from the view of the cloud service provider and/or the cloud consumer. 0 (zero) signifies no responsibility, whereas the placement of a 1 (one) signifies the given responsibility. From here, the reader can map that control domain back to the CCM control for further guidance and architecture.

Blog Posts

Enterprise Architecture Cloud Delivery Model - CCM Mapping
CSA Issues Top 20 Critical Controls for Cloud Enterprise Resource Planning Customers