Enterprise Information Security Architecture (EISA)

Enterprise information security architecture (EISA) is the practice of applying a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization’s security processes, information security systems, personnel and organizational sub-units, so that they align with the organization’s core goals and strategic direction. Although often associated strictly with information security technology, it relates more broadly to the security practice of business optimization in that it addresses business security architecture, performance management and security process architecture as well.

  • Aligning the Strategic Vision with the Business Vision

  • Enterprise Security Architecture is essential to align your business strategy to IT security

  • Achievement of business strategy: new technologies can enable business benefits, though a robust EISA is required to fully capitalize on opportunities

  • EISA aligns risk management to business strategy, allowing technology to be embraced and to support your organizational goals

  • Leveraging policy, rules and human knowledge

  • Successful promotion of operational efficiency and effectiveness

  • Facilitation of operational control and nimbleness in periods of rapid change


  • Strategic Alignment

  • Effective Risk Management

  • Value Delivery

  • Resource Management

  • Performance Measurement

  • Process Assurance Integration