The list is long, but I’ll start it off with just a few.
- Ability to use existing Login infrastructure (Active Directory, LDAP)
- Easy to use edit capability (Visual Editor)
Whether it’s ISO 9000, SAS70 or newer versions of these standards such as SSAE 16 (SOC 1 and SOC 2) for auditing practices and process; many businesses either MUST comply with certain regulations, or else prefer to use vendors who can certify compliance with certain standards. This could certainly be it’s own topic owing to the number of different standards and regulations relevant to different industries. There’s VPAT/GPAT/508 for accessibility, There’s NIST 800-53 The EU’s GDPR
Although this site is a bit dated, they offer one view of the panopoly of security standards: http://www.securearc.com/wiki/index.php/Security_Policies_and_Standards