© 2019 IsecT Limited, New Zealand      Get in touch

3-page generic information security policy about pentesting.

 

Provided it is duly authorized and conducted competently, testing the security of a computer network, system or device by attempting to penetrate the defenses can increase assurance regarding the effectiveness of the security controls.  However, incompetent penetration testing can be misleading and risky while unauthorized penetration testing is essentially hacking. 

 

This generic policy specifies the governance, management, authorization and monitoring arrangements to maximize the business value and minimize the information risks associated with penetration testing.

 

Delivered as an editable MS Word document, easily customized for your organization's particular circumstances, information risks and security policy requirements.

Penetration testing policy

$15.00Price
  • Template policy on penetration testing

     

    See also the policies on:

    • Compliance and enforcement
    • Contractors and consultants
    • Cybersecurity
    • Ethics
    • Hacking
    • Information risk management
    • Information systems security
    • Internet security
    • Monitoring and surveillance
    • Network security
    • Outsider threats
    • And others!

Content