Dojo

Learn by doing.

This creates a real threat model and walks you through every step. You will fill in answers, assess outcomes, delegate questions, and review the audit trail. A guide bar follows you through the tool showing what to do at each step and why.

Choose your role

You will be threat modelling

NHS Patient Portal

Web-based portal allowing patients to view appointments, request repeat prescriptions, access test results, and message their GP practice. Integrated with NHS Spine via MESH for demographics and GP2GP for record transfers.

Health and Social Care

People involved

Dr Sarah Chen Clinical Lead / Data Owner Phase 0, Outcomes

Marcus Webb Platform Engineering Lead Phase 2, Phase 3

Priya Sharma IG and Compliance Officer Phase 0, Evidence

James Okonkwo SOC Analyst Phase 3 (SOC, Monitoring)

Director of Digital Management Sponsor Risk decisions, Budget

11 steps

1. Name your system2. Declare your data types3. Describe how data enters the system4. What can go wrong at collection?5. Add supporting detail6. Identify your components7. Assess a CAF outcome8. Run a STRIDE analysis9. Delegate a question10. Review the event log11. You just built a threat model.

Not signed in. The dojo system lives in your browser session only.