In this discussion, we want to examine forms of security testing for a chosen organization. For example, if you are using a health care organization, what type of security testing is required, and what compliance factors must be considered, such as the Health Insurance Portability and Accountability Act (HIPAA)? Provide some of the tools, frameworks, models, checklists, and standards you found in your research on security testing.

Use any of this week's readings, or your own, and discuss a relevant issue of compliance and ways to conduct security tests. In your analysis, also discuss how we would examine the audits of these tests and if both internal and external audits are needed.