Produce security service pattern
Produce risk tree / attack tree for identified service
Produce Strategic Threat Assessment
Integrate Threat Intelligence to existing security tools
Conduct tabletop incident response exercise
Required pattern is known / defined
Service definition / documentation is available
Assessment will only consider Open Source / Web Intelligence sources
Client has (or will provide) access to costed threat intelligence sources or only requires use of Open Sources
Stakeholders limited to <10