This Basic Elements of Federal Enterprise Architecture include many elements related to information security and risk management, allowing investment owners to align some security-related activities to correlated business processes, performance measures, data exchanges, services, and technologies specified in agency enterprise architectures. Recognizing a gap between organization-level activities, which EA frequently focuses on, and system-level security and privacy, the CIO Council sponsored the creation of a Security and Privacy Profile to link the FEA reference models and NIST security standards and guidance, as well as to aid in the identification of organizational security and privacy requirements.
