After delivering a comprehensive penetration test report to your client, which of the following steps should you take to ensure proper client acceptance of the engagement?
Make any revisions to the report that the client requests and assume acceptance is implied.
Send an email to the client confirming that the report has been delivered and consider the project accepted.
Wait for the client to implement the recommended remediations before assuming acceptance of the report.
Obtain a formal sign-off from the client, indicating acceptance of the findings and recommendations.
Obtaining a formal sign-off is the correct answer. Having the client sign a document stating that they have received and understood the report, its findings and its recommendations is the key step in closing a penetration test engagement: it records that the client acknowledges the outcomes and marks the formal end of the work. Delivering the report on its own does not establish acceptance, and an email confirming delivery lacks the formality of a signed acceptance. Making revisions at the client's request is a normal part of the process, but it does not constitute acceptance, and acceptance should never simply be assumed from it. Waiting for the client to implement the recommended remediations is also wrong: remediation is the client's own follow-on activity, can take months, and is not a condition of accepting the report.