## Target Audience

- Identify targets of the engagement 
- Identify scope and size of the engagement


## Objective

Asses reasons for the assessment. Security, risk assessments, customer personal data protection, etc.


## Compliance

Establish guidelines (or necessity) for compliance with internal and external regulations.
Example: PCI DSS
## Resources

1. Define budgeting requirements for the campaign.
2. Identify target's accessibility:
	- Physical access
	- Remote access
	- Tooling required
	
## Communication Plan

1. Aquire Trusted Agent(s) within the company for trusted communication
2. Establish communication guidelines and information access control rules during engagement (who knows what)


## Product/Report

Establish reporting guidelines
[[REPORT TEMPLATE]]

## Technical Constraints

Identify and establish all technical restrictions during the engagement. What parts of the infrastructure is tested and what is out of scope.

## Comprehensiveness

Identify specifics on the engagement, what parts of the infrastructure is tested, what type of vulnerabilities, etc.