Addenda security testing

29-11-2024

Security Testing project RACI Matrix

The following serves as a basis for assigning RACI roles for the testing activities.

Key Stakeholders:

  1. Security Team: Primarily responsible for executing and managing security testing.
  2. Project Manager: Oversees the overall project and ensures deadlines and scope are met.
  3. Development Team: Responsible for remediation of vulnerabilities and code-level changes.
  4. QA Team: Tests the system against functional and non-functional requirements and is also consulted on security testing.
  5. Compliance: Ensures that the testing and results adhere to industry regulations and company policies.
  6. External Testers: Can be hired for specialized penetration testing or audits.
  7. Stakeholders: Individuals or groups who need updates on the project's security status, such as executives or business units.

Basic metrics for security testing

Common security tests