Frameworks, guidance, and publications for practical security architecture

Assured Control Enterprise Security Architecture

Resource

Security Controls Matrix

The long-running Assured Control matrix that organizes security domains, controls, and business drivers into a usable working taxonomy.

What’s inside

01

Primary source material, summaries, and references kept together

02

Downloads and supporting artefacts surfaced close to the content

03

Long-form guidance laid out for practical reading rather than promotion

A recognisable working artefact

The Controls Matrix is one of the most established pieces on the original site. It began as a reference to support design documents and evolved into a broader taxonomy that is still used in architecture work.

What the matrix is for

The matrix helps practitioners:

  • organize security controls coherently
  • map relationships across domains and layers
  • identify coverage gaps
  • keep architecture work connected to business drivers

It is intentionally practical rather than framed as a compliance checklist.

Why it still matters

The original site makes an important point: there are already too many standards documents treated as ends in themselves. This matrix is useful as a working tool. Used well, it helps structure thinking in ways that can support alignment with multiple standards without becoming trapped by any single one.

Security Controls Matrix

Downloads