Phase IV - The Report
Upon the completion, of the work a report will be created which presents the findings and includes issues found, architectural recommendations, vulnerability eliminations, and security improvement processes.
An external security test report is used for the following reasons:
A description of the effectiveness (or lack of) of your security controls
To have a reference point for corrective action
To define mitigation activities to address identified vulnerabilities
To have a benchmark for tracing an organization’s security progress
To assess the implementation status of system security requirements
To conduct a cost/benefit analysis of security spending
To ensure availability, confidentiality and integrity of data
To have the trust and confidence to transact business
| 