A common or "consensus" threat model should be a primary goal of the security engineering community. This model should characterize the threat environment in a way that leads to risk management decisions that, in turn, lead to actionable engineering outcomes.
In this categorization scheme, threat actors are grouped by their demonstrated or potential capabilities. In the concept phase of a project, the categorization scheme allows risk managers and engineers to see, in accessible language and with examples, the kinds of capabilities that an information system must be designed to withstand. This, in turn, should lead to a practical discussion about what is feasible in the context of the project. Alternative architectures can be traded off against cost and functionality to achieve the desired operating risk. In some cases, certain business processes and information may need to be removed from the project and considered separately. At worst, it may be determined that the project cannot achieve the desired functionality with the desired level of risk. This last outcome is not a failure, because it acknowledges a problem before the project gets off the ground. Such early acknowledgement is rare in information system security.
A useful analogy can be found in civil engineering. When constructing a bridge or building, the project must consider the threat landscape. This may, for example, involve selecting the highest magnitude of earthquake that a bridge will be constructed to withstand (assume for the moment that this is not already selected by virtue of a building code). Regardless of the risk management process used to arrive at this magnitude, the result sets the engineering target for the bridge in terms of acceptable architectures and the forces that must be withstood. A number of architecture and design options can be selected to try to fit the structure into the available funding envelope. Other factors could also be considered, such as restricting the kinds of traffic that can flow on the bridge or the number of floors a building can have. The location could be changed to take advantage of environmental factors (e.g. a smaller span at a further distance from the desired location). Perhaps, after all of this, a safe bridge or building can't be built using the allocated funds. At the end of the day, there will either be a structure that is secure to the level desired or a decision point that allocates more resources or cancels the project.