Module A1 – Advanced SABSA Risk Assurance & Governance (Outline)

All Advanced modules follow the SABSA method sequentially as it relates to a specialist professional area. Module A1 applies SABSA to the areas of Risk, Assurance & Governance.


Risk, Assurance & Governance in the SABSA Framework

Strategy & Planning - Establishing Risk Context

Strategy & Planning - Risk Identification

Strategy & Planning - Risk Analysis & Assessment

Strategy & Planning - Risk Evaluation

  • The role of Risk & Risk Management
  • SABSA Risk & Opportunity Model
  • Business-driven architectural decomposition in
  • Risk, Governance & Assurance
  • The SABSA Risk Management Process (RMP)
  • Overview & Meta-model
  • Domain-based Risk Context
  • Identifying Stakeholders & Risk Owners in a
  • SABSA Governance Framework
  • The SABSA-Extended RACI Model
  • External Context Analysis
  • Taxonomies & PESTELIM Analysis
  • Internal Context Analysis
  • Taxonomies & SABSA-based SWOT Analysis
  • Through-life Risk Perspectives
  • Threat & Opportunity Event Identification Taxonomies
  • Vulnerability & Strength Identification Taxonomies
  • Using Attribute Taxonomies for Identifying Risk Consequences
  • SABSA Approach to Risk Assessment
  • Applying the SABSA Performance Measurement Framework to Assess Assets at Risk
  • Assessing Threat & Opportunity Event Probability
  • Assessing Risk Likelihood
  • SABSA Approach to Risk Appetite Thresholds
  • SABSA Approach to Assessing Risk Consequences
  • SABSA Application of Risk Levels to Provide Early Warning Capability
  • Risk Evaluation Criteria
  • Risk-Architecting Complex Enterprise Environments

Strategy & Planning – Risk Treatment Strategy

Design & Implement – Risk Treatment

Manage & Measure – Risk Management

Through-life Governance

Through-life Assurance

  • Objectives for Enablement & Control
  • Risk Treatment Dependency Modelling
  • Risk Treatment Traceability
  • Risk Finance Strategy
  • Role of Pure & Residual Risk
  • SABSA Risk Treatment Lifecycle
  • Risk Policy & Management Architecture
  • SABSA Multi-tiered Control Strategy
  • Balanced Risk Treatment Decisions
  • The Control System in a Control Feedback Loop
  • Through-life Vitality
  • Treatment Inheritance & Re-use
  • The Role of Key Risk Indicators & Analysing Change
  • Considerations & Implications for Risk Systems & Dashboards
  • SABSA Governance Model Revisited
  • Lifecycle Perspectives
  • Risk Communications Architecture
  • SABSA Assurance Framework & Model
  • Assurance Levels & Correlation with Risk Levels
  • Defining & Populating Assurance Matrices

Competency Development Outcomes

  • Experience in applying the SABSA Risk Management Process, Assurance Framework & Governance Model to their specific organisation, sector and culture;

  • The skills and competence to plan, design, implement and manage a SABSA Risk Management Architecture through-life;

  • The skills and competence to plan, design, implement and manage the SABSA Assurance & Governance Frameworks;

  • Customised strategies and detailed work-products to apply the SABSA Risk Management Process, Assurance Framework and Governance Models, on Domain and Enterprise basis, and throughout the business lifecycle.

Who Should Attend

Any SABSA Chartered Practitioner Architect (SCP) Candidate, SABSA Chartered Master Architect (SCM) Candidate, and any professional seeking to develop practical advanced competency to architect Business Risk, Assurance and Governance structures and processes.

Register for a SABSA Advanced Course.