Skip to main content

ER-26 Pre-Kickoff - Penetration Test Results and Remediation

C
Written by Claudio Morsella
Updated over a month ago

Penetration Test Policy

Provide your penetration testing policy.

The evidence should demonstrate:

  • How you conduct penetration testing

  • The process and timelines that your team will follow for remediation of any Critical or High findings

Penetration Test Report

Provide your most recent penetration test report.

Penetration Test Remediation

If your provided penetration test resulted in any findings of High or Critical importance, provide all documentation related to the tracking and remediation of those findings.

Additional Guidance
If you are using Thoropass' templates, your penetration test policy may be included as part of your Vulnerability Management Policy.

Associated Unified Control ID

Associated Framework Control

CTRL-174

LCL-20
LCL-21

Did this answer your question?