CompTIA CySA+ CS0-003: Enterprise security architecture

Enterprise security architecture, or ESA, is a framework that sets the standards to secure a business. Examples of ESA frameworks include ISO 27001/27002 (International Organization for Standardization), ITIL (Information Technology Infrastructure Library), and NIST SP 800-37 (National Institute of Standards and Technology Special Publication). ESA simply assesses risks and quantifies threats and vulnerabilities, so that the organization can have mitigations in place for specific line items.

All of these frameworks pretty much provide high-level strategies for designing and implementing various security measures. Each framework has its benefits, and some organizations use multiple frameworks.