4 Security as a Cross-Cutting Concern
Security Architecture is a cross-cutting concern, pervasive through the whole Enterprise Architecture. It can be described as a coherent collection of views, viewpoints, and artifacts, including security, privacy, and operational risk perspectives, along with related topics like security objectives and security services. The Security Architecture is more than a dataset; it is based on the ISM and ERM processes.
The TOGAF ADM covers the development of the four architecture domains commonly accepted as subsets of an Enterprise Architecture: Business, Data, Application, and Technology. The Security Architecture interacts with all four of them and is therefore called cross-cutting.
Figure 5: Security as a Cross-Cutting Concern through the Architecture
As a cross-cutting concern, the Security Architecture impacts and informs the Business, Data, Application, and Technology Architectures. The Security Architecture may often be organized outside of the architecture scope, yet parts of it need to be developed in an integrated fashion with the architecture. These touch-points will be explained in the next chapter.
TOGAF® is a registered trademark of The Open Group