Threat Modelling aims to identify threats and vulnerabilities to apply controls to mitigate the risks. Killing the Cyber Security Kill Chain is an approach for Threat Modelling with ISO 27001 controls. Here is the link to the presentation (c) Creative Commons Attributed