Security requirement offers a method to capture and align security needs with business objectives. The process is intended to prioritise important requirements and avoid the unnecessary cost associated with the Could Have requirements. It’s a formal method for inspecting a security design and confirm it meets the requirement, measuring progress and realisation its benefits. It may be a condition or a statement of desires for a security capability required by stakeholders or to achieve an objective. Stakeholders will be able to know what security solution will be offered; clearly unambiguously and the scope of work can be defined.