There are five main reasons why they turn to the architecture of information security:
Tired of fighting the inconsistency of the activities of the units involved in the organisation of IS - the IT department, the legal department, internal control, etc.
Dissatisfaction of users and management of the current state of information security at the enterprise is growing.
It is time to consider the return on information security.
There is a misunderstanding of the ways of developing information security in a company. Priorities of projects and technologies are not defined.
The IS service wants to break free of the negative attitude towards itself, tightness within a narrow framework, which does not allow demonstrating its value to business.
It can be seen that, as a rule, the architecture of information security is needed by large enterprises - in small businesses there are no problems described or they are not so acute. Large companies do not need architecture only in conditions of stability.
More info @ security architect job description