Security Requirements Traceability Matrix (SRTM)

Last Updated: August 18, 2011

Definition - What does Security Requirements Traceability Matrix (SRTM) mean?

A security requirements traceability matrix (SRTM) is a grid that allows documentation and easy viewing of what is required for a system's security. SRTMs are necessary in technical projects that call for security to be included. Traceability matrixes in general can be used for any type of project, and allow requirements and tests to be easily traced back to one another. The matrix is a way to make sure that there is accountability for all processes and is an effective way for a user to ensure that all work is being completed.

Free White Paper: "AI and ML in the Oil and Gas Industry". Take a look at 10 real-world use cases that demonstrate how AI and ML are already being used in the oil and gas industry, and how AI innovation can help renew the industry.

Techopedia explains Security Requirements Traceability Matrix (SRTM)

An SRTM between security requirements and test activities would have a grid much like an Excel spreadsheet, with a column for each of the following:

Requirement identification number
Description of the requirement
Source of the requirement
Objective of the test
Verification method for the test

Each row is for a new requirement, making an SRTM an easy way to view and compare the various requirements and tests that are needed in a particular security project. Links should also be included, guiding users to areas where information on the requirements or tests is located.