#54 Pen Testing - reflect how this has evolved as a component of acceptance testing change request pending

Consider adding in as a component of Acceptance testing or adding acceptance testing into the description of Pen testing.

From Australian Public Sector SFIA Cyber Security and Digital Workshop Oct12:

  The purpose of Penetration Testing has evolved somewhat since it was first introduced.

  • Penetration Testing can be considered an aspect of acceptance testing of new infrastructure and/or services before being granted an Authority to Operate in a Production environment.

Proposed change applies to Penetration testing

Current status of this request: pending