Matrix documenting the system’s agreed upon security requirements derived from all sources, the security features’ implementation details and schedule, and the resources required for assessment.
Sources:
CNSSI 4009-2015