This appendix provides a template example, as shown in Table C.1, that can be used for a final report. This template outlines the information, data, and procedures for documenting a security assessment so that the results can be provided to management. The report template contains the following sections:
Notice
Executive summary
Introduction
Statement of work
Analysis
Conclusions
Note that this is an example; each organization should modify this template to meet its own existing needs. Below the template you will find guidelines and information on what each section should contain.
Note
The template example shown in the appendix is also available on the book’s web page.