Penetration Testing Services Procurement Guide by CREST;

Author:CREST;
Language: eng
Format: epub
Publisher: IT Governance Ltd

The risks associated with penetration testing can be reduced if the business utilises a qualified and experienced penetration tester (CREST certified), working within the structured constraints of a certified testing company (a CREST member).

Change management

Any changes to the scope of the penetration test (eg. additional testing requested, such as to include wireless or device testing); or to organisational controls (eg. to address a critical weakness uncovered during testing) need to be managed quickly and efficiently. Consequently, a change management system should be applied to any changes to the testing scope or the configuration of target systems.

Problem resolution

Problems (and complaints) can arise during the test, for example due to resources not being made available, tests not working as planned or a breach of a code of conduct. It is therefore important to ensure that there is a problem resolution process in place to ensure that any issues are resolved satisfactorily, in a timely manner.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.