Rules of Engagement

Rules of Engagement (RoE) is a document that deals with the manner in which the penetration test is to be conducted. Some of the directives that should be clearly spelled out in RoE before you start the penetration test are as follows:

• The type and scope of testing
• Client contact details
• Client IT team notifications
• Sensitive data handling
• Status meeting and reports