6.0 DOMAIN 6: SECURITY ASSESSMENT AND TESTING

• 6.1 Design and Validate assessment, test, and audit strategies
• 6.1.1 Internal
• 6.1.2 External
• 6.1.3 Third-party
• 6.1.4 Location (e.g. on-premises, cloud, hybrid)