Framework vs. Architecture

in SSCP
Hey all, I could use some clarification on terms Harris uses in her "Information Security and Governance and Risk Management" Chapter. Those two terms are: framework, versus architecture. Here is what I've got so far, let me know what you think, thanks:
An Enterprise Security Framework is a collection of Architectures, each of which are a document which demonstrates the alignment of business with (I.T.) Security goals from a specific viewpoint - be it from the CFO's point of view, in dollars and cents; from the CSO's perspective in the form of vulnerability information, etc.
I know that sounds kind of weird, but I figured I'd give it a shot for the time being.
Thanks!
Dovid
An Enterprise Security Framework is a collection of Architectures, each of which are a document which demonstrates the alignment of business with (I.T.) Security goals from a specific viewpoint - be it from the CFO's point of view, in dollars and cents; from the CSO's perspective in the form of vulnerability information, etc.
I know that sounds kind of weird, but I figured I'd give it a shot for the time being.
Thanks!
Dovid
Comments
Frameworks are industry specific generally and define how architectures are brought up
Best Regards,
Dovid
[/FONT]