Application Penetration Testing Risk Assessment Form

General Information

Application Name Business Owner Contact Email Assessment Date

Application Details

Application Description Application Type Web Mobile Desktop API Other Data Sensitivity Level Low Medium High

Scope

In-Scope Components Out-of-Scope Components

Risks and Controls

Key Risks Identified Existing Security Controls

Additional Information

Comments / Notes