#54 Pen Testing - reflect how this has evolved as a component of acceptance testing: change request pending
Consider adding in as a component of Acceptance testing or adding acceptance testing into the description of Pen testing.
From Australian Public Sector SFIA Cyber Security and Digital Workshop Oct12:
The purpose of Penetration Testing has evolved somewhat since it was first introduced.
- Penetration Testing can be considered an aspect of acceptance testing of new infrastructure and/or services before being granted an Authority to Operate in a Production environment.
Attached to Penetration testing