Value Statement

Providing consistent updates to our threat models helps us understand the status of our security posture and identify areas of weakness. Without an up to date threat model we lack a critical tool in maintaining the security of ACM and related projects.

Definition of Done for Engineering Story Owner (Checklist)

• Threat Model updated and pull request opened in https://github.com/stolostron/acm-threat-model
• If the pull request includes changes to architecture, updates to network traffic, new features, or other significant changes please schedule a meeting with HCM Secure Engineering to review

Secure Design

• [ ] Security has been assessed and incorporated into your threat model.