Building the Final Report
With the analysis complete, it’s now time to document the results in an official report. The final report is designed to be read by senior management. Its purpose is to help them make operational, technical, and managerial changes. The report should describe threats and vulnerabilities and provide recommendations for controls to reduce risk. The finished document should not read like an audit or investigational report, because that is not what it is. An assessment is a systematic, analytical methodology to assessing vulnerabilities. It is not looking for wrongdoing or to hold individuals accountable for specific actions.
To document your findings and propose solutions, make sure to give those who will be reading the ...
Get Inside Network Security Assessment: Guarding Your IT Infrastructure now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
