This is a development site. Visit SFIA

Skip to content. | Skip to navigation

Personal tools

Reference and guide to SFIA version 8. Framework status: Development. Show revision-marked text

Penetration testing: Level 5


Coordinates and manages planning of penetration tests, within a defined area of business activity. Delivers objective insights into the existence of vulnerabilities, the effectiveness of defences and mitigating controls - both those already in place and those planned for future implementation. Takes responsibility for integrity of testing activities and coordinates the execution of these activities. Provides authoritative advice and guidance on the planning and execution of vulnerability tests. Defines and communicates the test strategy. Manages all test processes, and contributes to corporate security testing standards.

Change requests

There are no change requests here