Information Systems Security Engineering Professional (ISSEP)
3.1.1 Define security roles and responsibilities
3.1.2 Understand stakeholders’ mission/business and operational environment
3.1.3 Identify security-relevant constraints and assumptions
3.1.4 Identify and assess threats to assets
3.1.5 Determine protection needs
3.1.6 Document stakeholder requirements
3.1.7 Analyze stakeholder requirements