When conducting post-report-delivery activities:
- Verify that you have removed any remaining artifacts of the test.
- During formal hand-off of the report, be prepared to have a discussion about the contents of the report.
- Get confirmation from the client that they agree that the testing is complete and that they accept the report's findings and conclusions.
- Find out what the client needs as far as proof of vulnerability or exploitation.
- Provide proof of your tests as needed.
- Draft a lessons learned report by asking yourself what did or did not go well during the test.
- Identify areas of improvement for the pen test team's processes and tools.
- Identify any follow-up actions that need to be performed.
- Identify who will be performing these actions.