Reference and guide to SFIA version 7. Framework status: Development.

#54 Pen Testing - reflect how this has evolved as a component of acceptance testing: change request deferred

Consider adding in as a component of Acceptance testing or adding acceptance testing into the description of Pen testing.

From Australian Public Sector SFIA Cyber Security and Digital Workshop Oct12:

  The purpose of Penetration Testing has evolved somewhat since it was first introduced.

  • Penetration Testing can be considered an aspect of acceptance testing of new infrastructure and/or services before being granted an Authority to Operate in a Production environment.

Attached to Penetration testing

deferred

Navigation