Wednesday 13th May 2026, 11:00-12:00 (BST, London)
One of the many benefits of SABSA is its inherent auditability: the ability to demonstrate compliance with multiple control frameworks simultaneously, regardless of how numerous, how dynamic, or whether mandated by regulations, standards, policies or maturity models. It achieves this by providing the template for what it refers to as an Integrated Compliance Framework.
Meanwhile, the need for such an approach has never been more vital as compliance teams are challenged with ever more regulation, more frequent audits and while held accountable to higher levels of evidence and rigour.
But many will have experienced that building such a framework is severely ‘non-trivial’ and maintaining one even harder – particularly if the only available tools are implemented in spreadsheets.
In this presentation, security-modelling expert, Steven Bradley, will show how to assemble an integrated, low-maintenance compliance framework from re-usable components modelled in ArchiMate.
He will then show how the inherent ability to query this framework with scripts can identity the subset of controls, from the thousands cited in source documents, that are directly applicable to a given context.
The session should be of value to a wide range of GRC practitioners that may be encountering challenges now, or in the near future, and would be interested in seeing what a SABSA architected approach can contribute to the solution.