Identify threats to the security scope and their business impacts on confidentiality, integrity, and availability of enterprise IT systems and data
Consider the threats in terms of most likely and most dangerous so that the most important threats are considered
