Pentests are required for ISO 27001 or SOC2 audits: download pdf Why do organizations need to conduct a penetration test?