Although often associated strictly with information security technology, it relates more broadly to the security practice of business optimization that addresses business security architecture, performance management and security process architecture as well. Organizations today require their applications and infrastructure to be in a secure environment to keep their business running strong. To achieve this, it is critical that every single element involved in the business is protected against any sort of threat, external or internal by putting processes with proactive and reactive measures to safeguard against such instances.
Enterprise Information Security Architecture is becoming a common practice within the financial institutions around the globe. The primary purpose of creating an enterprise information security architecture is to ensure that business strategy and IT security are aligned. As such, enterprise information security architecture allows traceability from the business strategy down to the underlying technology.