From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Unlock the full course today

Join today to access over 24,400 courses taught by industry experts.

Security requirement traceability matrix

Security requirement traceability matrix

From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Start my 1-month free trial Buy for my team

Security requirement traceability matrix

- [Narrator] If you use all the information you've learned throughout this course so far to identify and document your application security requirements, you'll have done a pretty stellar job at figuring out what controls you need to secure your applications. But there's still one more piece I want to cover. You'll want one additional document to help you keep track of all these requirements. Something you can use to track whether or not the developers actually implemented these security controls in the way you expected. You want a security requirements traceability matrix. The concept of a requirements traceability matrix is nothing new in the application development world. The only difference here is that your matrix should focus on application security requirements. A requirements traceability matrix, or RTM, is a document that captures each requirement at a high level as well as test case details related to each requirement. A traditional requirements test matrix is going to focus…

Contents