one page

"Penetration testing in a corporate environment"

Imagine you are an information security manager. How would you consider utilizing penetration testing in a corporate environment? Are there situations in which you feel another technique is more appropriate? In a few sentences, describe the most important business areas and/or network infrastructure components that would be most and least beneficial to test. Recommend a website as a potential useful resource that outlines best practices for conducting an internal penetration test.