Penetration Testing Services Procurement Guide

  • 37m
  • Jason Creasey
  • IT Governance
  • 2014

Helping you to conduct effective, value-for-money penetration testing, this guide is designed to enable your organisation to plan for a penetration test, select an appropriate third party provider and manage all important related activities. It presents a useful overview of the key concepts you will need to understand to conduct a well-managed penetration test, explaining what a penetration test is (and is not), outlining its strengths and limitations, and describing why an organisation would typically choose to employ an external provider of penetration testing services.

In this Book

  • Penetration Testing Services Procurement Guide
  • A Structured Approach for Procuring Penetration Testing Services
  • Part I – Introduction and Overview
  • Part II – Understanding the Key Concepts
  • Part III – Adopting a Structured Approach to Penetration Testing
  • Stage A – Determine Business Requirements for Testing
  • Stage B – Agree Testing Scope
  • Stage C – Establish a Management Assurance Framework
  • Stage D – Plan and Conduct Testing
  • Stage E – Initiate Improvement Programme
  • Part IV – Choosing a Suitable Supplier
  • Crest Balanced Scorecard