Objective setting and definition of the framework.
Mutual signing of a contract for a penetration test. This contains precise information about the objectives, deadlines and conditions.
Implementation of the penetration test by certified staff.
Discussion of important / critical findings. Evaluation of direct, timely measures with the IT department as well as the management.
Written summary of findings including management summary and personal conclusion.
Re-check positively tested vulnerabilities.