What Does Security Requirements Traceability Matrix Mean?
A security requirements traceability matrix (SRTM) is a grid that allows documentation and easy viewing of what is required for a system’s security. SRTMs are necessary in technical projects that call for security to be included. Traceability matrixes in general can be used for any type of project, and allow requirements and tests to be easily traced back to one another. The matrix is a way to make sure that there is accountability for all processes and is an effective way for a user to ensure that all work is being completed.
Techopedia Explains Security Requirements Traceability Matrix
An SRTM between security requirements and test activities would have a grid much like an Excel spreadsheet, with a column for each of the following:
- Requirement identification number
- Description of the requirement
- Source of the requirement
- Objective of the test
- Verification method for the test
Each row is for a new requirement, making an SRTM an easy way to view and compare the various requirements and tests that are needed in a particular security project. Links should also be included, guiding users to areas where information on the requirements or tests is located.