Page 13 - CISSO_Prep_ Guide
technologies, business practices, and standards - in most cases,
with insufficient funds, resources, or support!
Architecture is the planning, designing, and building of a
security program that brings together all the systems, networks,
data, processes, applications, and services that support business
operations in a cohesive, resilient, and trustworthy manner.
The Information Assurance Technical Framework (IATF) used
an interesting turn of phrase to describe Information Systems
Security Engineering (ISSE). The IATF described ISSE as:
"Information Systems Security Engineering (ISSE) is the art and
science of discovering users’ information protection needs and
then designing and making information systems, with economy
and elegance, so they can safely resist the forces to which they
may be subjected." (IATF, Chapter 3)
Engineering is a core element of building a reliable information
security framework. If security has not been engineered into the
processes, applications, networks, operating systems, and other
aspects of modern business practices, it is unrealistic to expect
that the networks will be able to resist attack or compromise
without our assistance.
The description of ISSE as both an art and science is very
accurate and meaningful. Information security requires both
creativity and discipline; people and technology; prevention and
correction; function and assurance; and policy and procedures.
The security manager is required to provide direction and focus
during the engineering and architecture efforts so that security is