The threat is constantly evolving so a penetration test will only validate that your organisation’s IT infrastructure is not vulnerable to known issues on the day of the test. This is why testing should be performed regularly—many organisations commission quarterly or yearly tests.
If you are implementing any changes or new systems, infrastructure or applications, you will also need to test these before they are live. We strongly recommend not waiting until your next scheduled test to check that if there are vulnerabilities.
If you would like advice on how often you undertake a pen test, we recommend discussing this with one of our Information Assurance Consultants.