What does AVORD Penetration Test Risk Reporting consist of?
AVORD uses globally recognised standards such as the Penetration Testing Execution Standard (PTES). The AVORD Penetration test risk reporting simplifies the task of identifying and treating your key cyber risks. For example, all reports are inputted directly into the platform in set fields. For example, the reports cannot be sent until completed correctly to our standards. We strive to increase quality and consistency across the reporting process.Example of the headings that can be found in the AVORD reporting page
The Executive Summary
This section communicates to the reader the specific goals of the penetration test and the high-level findings of the testing exercise. Therefor the intended audience will be those who are in charge of the company oversight. Plus strategic vision of the security program as well as any members of the organization which may be impacted by the identified threats.The executive summary should contain most if not all of the following sections:
Penetration Test Risk Reporting – Quality and Consistency
This section communicates to the reader the technical details of the test. For example, all of the aspects/components agreed upon as key success indicators within the pre engagement exercise.The technical summary contains most if not all of the following sections: