Establish a Dynamic Business Driven Integrative Information Security Architecture

With Respect to the challenges most organizations are facing when considering information security management, especially how to demonstrate the value of security to senior leadership and how to meet all kinds of legislations in one place, this article describes a dynamic business driven integrative information security architecture to address those problems. By designing the architecture through three levels which are domain level, component level, and control level, the architecture is target to establish alignment and traceability between business and security, build customer service concept within security practices, establish a dynamic and integrative framework, and manager information security in a more predictive and proactive manner. By applying this architecture into a real life business case, the fact shows that after the implementation, the major security indicators have been visibly improved.