TOGAF Risk & Security | Real IRM

Real IRM

Leading Enterprise Architecture Value™

TOGAF Risk & Security


A Security Architecture is a structure of organisational, conceptual, logical, and physical components that interact in a coherent fashion to achieve and maintain a state of managed risk and security (or information security). The Security Architecture does not exist in isolation. As part of the enterprise, it builds on enterprise information that is already available in the Enterprise Architecture, and it produces information that influences the Enterprise Architecture. This is why a close integration of Security Architecture within the Enterprise Architecture is beneficial.

Course Description

During this 4 day course, delegates will learn about security and risk concepts in relation to the TOGAF® Architecture Development Method (ADM), Information Security Management (ISM), the broader concept of Enterprise Risk Management (ERM), and the relationships with other IT security and risk standards like the ISO/IEC 27000 family, ISO 31000, and COBIT®. In addition, delegates will learn the concepts of Enterprise Security Architecture (ESA), ERM, and ISM, and how security and risk management form a cross-cutting concern for the organisation in general and for the Security Architect in particular. Architecture artefacts, called "concepts" in the SABSA framework, produced through the application of the TOGAF ADM are drawn from both the TOGAF and SABSA frameworks.



Course Content

  • Course Introduction
  • Introduction to the TOGAF Standard
  • Unit 1: Introduction - Essential Concepts of Security and Risk
  • Unit 2: IT Security and Risk Standards
  • Unit 3: Enterprise Security Architecture
    • Enterprise Risk Management (ERM)
    • Information Security Management (ISM)
  • Unit 4: Security as a Cross-Cutting Concern
  • Unit 5: Security and Risk Concepts in the TOGAF ADM

Course Outcomes

Individuals who have completed this course should understand: 

  • The essential concepts of security and risk, and can relate them to the TOGAF ADM 
  • How international IT security and risk standards, including SABSA are related to the TOGAF standard 
  • The concepts of Enterprise Security Architecture (ESA), Enterprise Risk Management (ERM), and Information Security Management (ISM) 
  • Why security is a cross-cutting concern, pervasive through an Enterprise Architecture 
  • How security and risk principles can be applied to the TOGAF ADM 
  • The relationship between the TOGAF Architecture Content Metamodel and ISM and ERM respectively
  • How to apply SABSA techniques relevant for developing the Security Architecture.

Course Instructors

The course instructors have architecture experience both from consulting and corporate viewpoints and thus are familiar with many real-world challenges. Our instructors are also TOGAF 9.2 certified and hold the Integrated Risk and Security credential from The Open Group.


Who should attend?

  • Individuals requiring an understanding of security and risk concepts in relation to the TOGAF Architecture Development Method (ADM)
  • Individuals requiring an understanding of Enterprise Security Architecture, Enterprise Risk Management, and Information Security Management
  • Professionals working in roles associated with Enterprise Security Architecture.

Course Logistics

Courses are available on the public training schedule or on request for groups of five or more candidates.

Course Fees

R19 800 excl VAT per delegate

Request a quote

We accept EFT and credit card payments.

Course Pack Includes...

A printed course manual
Online resources

Cancellation Policy

There is a 100% cancellation fee for cancellations made within ten working days of the start of the training event.

Register with Real IRM

Event City Start Date Read More & Register
TOGAF Risk & Security Training Edenvale 14 Aug 2023 Register

Training News

November 2019 saw The Open Group release its latest version of the ArchiMate ® modeling language for Enterprise Architecture.

Version 3.1 is an update from Version 3.0 which was released in 2016. The update may be minor, but the new version holds a number of useful additions and improvements for Enterprise Architecture practitioners.

The three most notable improvements are:
- The addition of a value stream element
- The introduction of a directed notation for association
- Further formalization and refinement of the rules for deriving relationships

2019 has seen the launch of The Open Group’s TOGAF Business Architecture Level 1 qualification. Real IRM prides itself as being the only service provider to offer this accredited course and credential in South Africa.

The credential is aimed at individuals who want to validate their knowledge and understanding of Business Modelling, Business Capabilities, TOGAF Business Scenarios, Information Mapping, and Value Streams by applying them in the development of a Business Architecture based on the TOGAF ® Standard Version, 9.2.

The Open Group ArchiMate® Forum will make available the latest version of the ArchiMate Specification®, version 3.0, with a series of announcements and events to take place throughout the months of June and July.

The latest evolution has the following new features:

The ArchiMate 2.1 Specification and supporting materials were released today. ArchiMate 2.1 is a maintenance update to ArchiMate 2.0, addressing comments raised since the introduction of ArchiMate 2.0 in 2012.

The Open Group has announced their new Open FAIR Certification Program aimed at Risk Analysts. The certification program focuses on The Open Group Risk Taxonomy and Risk Analysis standards which have advanced the risk analysis profession by defining a standard taxonomy for risk, and by describing the process aspects of a rigorous risk analysis. 

In order to become certified, Risk Analysts must pass an Open FAIR certification exam which is currently available at Prometric Centres. Training courses will be delivered through an Open Group accredited channel. 

The Open Group announced that a new ArchiMate 2.0 Foundation certification exam is available through accredited training organizations and also at Prometric test centres around the world.

ArchiMate® certification is for architects who want an internationally recognised qualification to demonstrate their detailed knowledge and ability to apply ArchiMate 2.0. It is targeted at those individuals who require a deep understanding of ArchiMate® and/or are responsible for developing architecture artifacts using the language. The certification is also intended for architects wanting to introduce ArchiMate® into their architecture practices.

Course Instructors

Trainer - Michael Payne

Michael Payne

Michael Payne is an IT professional who writes, speaks, lectures and consults on various IT-related topics. Currently, Michael works for Real IRM as a trainer and senior consultant. He presents various courses including TOGAF® 9 Level 1 & 2 training and the EA Bootcamp.

Training Articles

In addition to its capabilities for modeling and designing software systems, Sparx Enterprise Architect is also a powerful tool for enterprise architecture. Enterprise architecture is the practice of designing and organizing a company's IT systems, processes, and data in a way that aligns with the overall goals and strategies of the organization.

We are pleased to announce that we now offer live, virtual training which delegates can attend from the comfort of their own homes or offices.

This is another way to ensure that all our delegates can access our training throughout South Africa and the world, whilst not having to worry about traveling. Delegates will have the same high quality content presented as if they were in a face-to-face class, and will still have the opportunity to interact with the trainer and fellow delegates during the course.

The Open Group has launched a Risk and Security standard and Credential for Security Architects, and Real IRM is offering this accredited course as part of its course portfolio.

The credential is aimed at individuals who work in roles related to Enterprise Security Architecture, Enterprise Risk Management, or Information Security Management and require an understanding of security and risk concepts in relation to the TOGAF Architecture Development Method (ADM).

The course, which focuses on knowledge and comprehension, helps individuals better understand:

As organisations embrace rapid and radical digitisation, new demands are placed on individuals, and new skill-sets rise into popularity.

For those in traditional Business Analyst and Project Management roles, one of the most opportunity-laden directions to evolve into is Business Architecture.

Business Architecture, as one of the Enterprise Architecture domains, regularly features on lists of hottest, most in-demand IT skills. It’s a natural extension of Business Analysis, for those looking to elevate their career to a more strategic level.

Enterprise Architecture specialist Real IRM has launched a two-day training programme – aimed at certifying individuals in The Open Group IT4IT™ Reference Architecture standard.
This coincides with The Open Group conference in London this week which saw the official launch of the IT4IT™ certification. Real IRM is immediately bringing the certification to South African shores to add to their existing portfolio of international certification programmes from The Open Group – which includes TOGAF® and ArchiMate®.

IT specialists interested in developing their expertise in the rapidly-growing field of Enterprise Architecture (EA) can now benefit from the Zachman Framework course, from leading EA training provider Real IRM.
This newly-designed course is ideal for those looking to get to grips with one of the most fundamental frameworks in the field. It is perfect for individuals who aspire to become architects, since it deals with some of the fundamental building blocks of EA.

Enterprise Architecture specialists Real IRM has launched a new training course designed for business analysts who are required to use Unified Modelling Language (UML).

The course helps to more closely link the disciplines of business analysis and technical implementation. It empowers analysts with a solid foundation in UML, and allows them to write UML specifications, without being drowned in technical detail.