Requirements Traceability Matrix
LMU/COICP Example
Traceability Matrix Example
Connect LMU/COICP requirements to scenario evidence, stakeholder needs, use cases, verification methods, and downstream Planning, Architecture, Design, Implementation, Testing, Release, Operations, Stewardship, and Governance impact.
ES-102
Traceability
Evidence Chain
Example purpose
This artifact shows how LMU/COICP requirements trace backward to Vision and forward to every later stage.
The matrix makes the lineage explicit: each requirement has a scenario, use case, verification method, and downstream engineering impact.
Project
LMU Campus Operations and Incident Coordination Platform
Document control
| Field |
Value |
| Artifact owner |
COICP Product Owner |
| Primary reviewers |
COICP Product Engineer, Architecture Review Board chair, IT security reviewer, AI reviewer, Compliance reviewer, Campus Safety liaison, test lead |
| Status |
Accepted for ES-102 requirements baseline |
| Last updated |
2026-07-06 |
| Related Engineering Stage |
ES-102 — Requirements and Constraints |
| Project workspace target |
docs/project-workspace/requirements/traceability_matrix.md |
Requirements context
| Field |
Value |
| Source vision package |
ES-101 — Vision and Problem Definition |
| Requirements baseline produced |
LMU-COICP-REQ-001 |
| Planning baseline expected next |
LMU-COICP-PLAN-001 |
| Architecture baseline expected later |
LMU-COICP-ARCH-001 |
| Design baseline expected later |
LMU-COICP-DES-001 |
| Implementation baseline expected later |
LMU-COICP-IMPL-001 |
| Integrated baseline expected later |
LMU-COICP-INT-001 |
| Release candidate expected later |
LMU-COICP-RC-001 |
| Downstream release posture |
Internal engineering review only |
| Planned downstream review environment |
LMU-COICP Internal Engineering Review Environment |
| Planned downstream dataset |
Spring Semester Synthetic Incident Dataset |
| Planned downstream synthetic records |
421 |
| Planned downstream reviewer accounts |
24 |
| Planned downstream review window |
March 18–22, 2026 |
| AI Incident Summary |
Deferred / disabled |
| Operational pilot |
Not approved |
Traceability matrix
| Requirement ID |
Requirement Summary |
Scenario |
Use Case |
Verification |
Planning Impact |
Architecture / Design Impact |
Testing / Release Impact |
| FR-001 |
Create synthetic non-emergency coordination record |
COICP-SYN-001 |
UC-001 |
Create workflow test |
WP-002 |
create flow, IncidentRecord, INCIDENT_CREATED |
TC-001 |
| FR-002 |
Assign and change accountable owner |
COICP-SYN-118, 407 |
UC-002, UC-006 |
Owner-change test |
WP-003, WP-007 |
Workflow Service, OWNER_CHANGED |
TC-005 |
| FR-003 |
Update status using controlled state values |
COICP-SYN-118, 219 |
UC-002, UC-004 |
status transition test |
WP-005 |
state model, transition table |
TC-006 / DEF-001 |
| FR-004 |
Record handoff note and next action |
COICP-SYN-118 |
UC-002 |
handoff evidence test |
WP-003 |
HANDOFF_RECORDED EvidenceEvent |
TC-005 |
| FR-005 |
Preserve evidence history for key actions |
COICP-SYN-001, 118, 219, 322 |
UC-001, UC-002, UC-004, UC-005, UC-008 |
auditability test; evidence write failure test |
WP-003, WP-010 |
Evidence History Service, EvidenceEvent |
TC-007 / DEF-003 |
| FR-006 |
Enforce scenario-scoped role-based access |
COICP-SYN-204 |
UC-003 |
access matrix test |
WP-004 |
Access Control Service, role matrix |
TC-004 / TC-011 / DEF-002 |
| FR-007 |
Keep AI Incident Summary disabled |
all scenarios |
UC-007 |
AI-disabled inspection |
WP-008 |
disabled AI boundary |
AI verification / release blocker |
| FR-008 |
Future human review before AI official use |
future AI |
UC-007 future extension |
future AI workflow test |
future work |
HumanReviewAction |
future governance gate |
| FR-009 |
Future AI-assisted content marking |
future AI |
UC-007 future extension |
future label inspection |
future work |
AISummaryDraft marker |
future governance gate |
| FR-010 |
Support access-controlled review view/package |
COICP-SYN-118 |
UC-008 |
review package inspection |
WP-010 |
Review / Export Service |
future review/export test |
| FR-011 |
Close incident with rationale |
COICP-SYN-219 |
UC-004 |
closure test |
WP-005 |
closure workflow and evidence |
TC-006 |
| FR-012 |
Block/redirect out-of-scope or emergency-related input |
COICP-SYN-322 |
UC-005 |
emergency-boundary test |
WP-006 |
Policy Layer / ScopeWarningEvent |
TC-012 / DEF-004 |
| NFR-001 |
Auditability |
COICP-SYN-118, 219 |
UC-002, UC-004, UC-008 |
evidence inspection |
WP-003 |
Evidence Store |
TC-005 / TC-007 |
| NFR-002 |
Security / Privacy |
COICP-SYN-204 |
UC-003 |
access test |
WP-004 |
scenario-scoped roles |
TC-004 / TC-011 |
| NFR-003 |
Usability |
COICP-SYN-001, 118 |
UC-001, UC-002 |
review observation |
WP-002 |
UI workflow simplicity |
internal review feedback |
| NFR-004 |
Internal-review availability |
all scenarios |
all |
monitoring review |
WP-012 |
operations boundary |
operations / monitoring |
| NFR-005 |
Human oversight |
COICP-SYN-118, 219 |
UC-002, UC-004 |
workflow inspection |
WP-003, WP-005 |
human-owned decisions |
release / governance |
| NFR-006 |
Privacy / data minimization |
all scenarios |
all |
data review |
WP-009 |
synthetic data model |
release / governance |
| NFR-007 |
Supportability |
all scenarios |
all |
operational readiness review |
WP-012 |
runbook / support model |
operations |
| NFR-008 |
Reviewability |
COICP-SYN-118 |
UC-008 |
review exercise |
WP-010 |
review package / evidence timeline |
release / stewardship |
| NFR-009 |
Accessibility |
all UI scenarios |
UC-001–UC-004 |
accessibility review |
design dependency |
UI/review package design |
design/release |
| NFR-010 |
AI accountability |
all scenarios |
UC-007 |
AI-disabled inspection |
WP-008 |
AI disabled boundary |
release/governance |
| NFR-011 |
Scope safety |
COICP-SYN-322 |
UC-005 |
boundary test |
WP-006 |
Policy Layer |
TC-012 |
Verification coverage
| Verification Method |
Requirements Covered |
Scenario |
| Create workflow test |
FR-001 |
COICP-SYN-001 |
| Owner/handoff test |
FR-002, FR-004 |
COICP-SYN-118 |
| Status transition test |
FR-003, FR-011 |
COICP-SYN-219 |
| Evidence write failure test |
FR-005, NFR-001 |
COICP-SYN-118 / 219 |
| Access-control matrix test |
FR-006, NFR-002 |
COICP-SYN-204 |
| AI-disabled inspection |
FR-007, NFR-010, C-003 |
all |
| Emergency-boundary test |
FR-012, NFR-011, C-001 |
COICP-SYN-322 |
| Review exercise |
FR-010, NFR-008 |
COICP-SYN-118 |
| Data review |
NFR-006, C-002, C-006 |
all |
| Operational readiness review |
NFR-004, NFR-007 |
all |
| Accessibility review |
NFR-009 |
all UI scenarios |
Requirements requiring refinement
| Requirement |
Refinement Needed |
Owner |
Needed By |
| FR-003 |
final status transition table for COICP-SYN-118 and 219 |
Product Engineer / ARB chair |
Design |
| FR-006 |
exact role matrix and denied actions for COICP-SYN-204 |
IT security reviewer |
Planning / Architecture |
| FR-012 |
final emergency-boundary wording for COICP-SYN-322 |
Campus Safety liaison |
Design |
| NFR-004 |
availability target for March 18–22 review window |
IT operations representative |
Operations |
| NFR-009 |
accessibility expectations |
Accessibility reviewer |
Design |
| C-010 |
retention and cleanup rules |
Compliance reviewer |
Governance |
Continue to Requirements Review
Record scenario coverage, findings, unresolved issues, and baseline decision.
Open Requirements Review →