X9 X9.111-2011 (R2017)
Penetration Testing within the Financial Services Industry
standard by Accredited Standards Committee X9 Incorporated, 01/14/2011
Full Description
X9.111-2011 (R2017) specifies recommended processes for conducting penetration testing with financial service organizations. This standard describes a framework for specifying, describing and conducting penetration testing, and then relating the results of the penetration testing. This standard allows an entity interested in obtaining penetration testing services to identify the objects to be tested, specify a level of testing to occur, and to set a minimal set of testing expectations.