In this article
- Adding an Out of Scope component to a threat model
- Nesting components in the Out of Scope component to create a parent-child relationship
About Out of Scope components
Out of Scope components allow the threat modeler to nest other components without those items impacting the risk ratings or prioritizations in the current project threat model.
- From the threat model architecture diagramming interface, navigate to the Out of Scope component and add it within a trust zone on the threat model diagram. The Out of Scope component can be found by searching or by navigating to the General - IriusRisk component category.
- Drag and drop additional components into the Out of Scope component and resize appropriately to fit the size and shape needed.
- Select that component from the threats interface and move those threats to not-applicable.
- These nested child components are now considered out of scope with the current threat model and will not have an impact on the risk scoring or prioritization.