Logo

CISOBot - Your AI CISO Assistant

VPM-07

Penetration Testing

Weight: 9/10
Description

Mechanisms exist to conduct penetration testing on Technology Assets, Applications and/or Services (TAAS).

Control Question

Does the organization conduct penetration testing on Technology Assets, Applications and/or Services (TAAS)?

Control Metadata
Domain:

Vulnerability & Patch Management

Validation Cadence:

Annual

Evidence Request List:

E-VPM-02 E-VPM-03

Framework Mappings

This control maps to the following compliance frameworks

MAS TRM

13.2.113.2.313.2.4

Have questions about this control?

Ask CISOBot for implementation guidance and best practices